The branch main has been updated by kp:
URL:
https://cgit.FreeBSD.org/src/commit/?id=753da351598a381abe639a62621f5dae28a7bfe6
commit 753da351598a381abe639a62621f5dae28a7bfe6
Author: Kristof Provost <k...@freebsd.org>
AuthorDate: 2025-06-24 11:39:24 +0000
Commit: Kristof Provost <k...@freebsd.org>
CommitDate: 2025-06-27 14:55:16 +0000
pfctl: plug some memory leaks
found by parfait, ok henning
Obtained from: OpenBSD, deraadt <dera...@openbsd.org>, 2f2ceddc40
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sbin/pfctl/parse.y | 2 ++
sbin/pfctl/pfctl.c | 2 +-
sbin/pfctl/pfctl_optimize.c | 1 +
3 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index e4cd4883e2c9..8afef160b205 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -7143,6 +7143,8 @@ pushfile(const char *name, int secret)
if ((nfile = calloc(1, sizeof(struct file))) == NULL ||
(nfile->name = strdup(name)) == NULL) {
+ if (nfile)
+ free(nfile);
warn("malloc");
return (NULL);
}
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 15766eb9b704..8435f69e91e0 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -2261,7 +2261,7 @@ pfctl_rules(int dev, char *filename, int opts, int
optimize,
struct pfctl_ruleset *rs;
struct pfctl_eth_ruleset *ethrs;
struct pfr_table trs;
- char *path;
+ char *path = NULL;
int osize;
RB_INIT(&pf_anchors);
diff --git a/sbin/pfctl/pfctl_optimize.c b/sbin/pfctl/pfctl_optimize.c
index d6417e8e73a1..b4ffcbebb1bb 100644
--- a/sbin/pfctl/pfctl_optimize.c
+++ b/sbin/pfctl/pfctl_optimize.c
@@ -922,6 +922,7 @@ load_feedback_profile(struct pfctl *pf, struct superblocks
*superblocks)
if (pfctl_get_rule_h(pf->h, nr, rules.ticket, "", PF_PASS,
&rule, anchor_call)) {
warn("DIOCGETRULENV");
+ free(por);
return (1);
}
memcpy(&por->por_rule, &rule, sizeof(por->por_rule));
