git: e249f5daa41f - main - pf: fix memory leak on rule add parse failure

Mon, 11 Dec 2023 13:03:00 -0800 

The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=e249f5daa41f73eb293490ed93d06d1fefa08d82

commit e249f5daa41f73eb293490ed93d06d1fefa08d82
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2023-12-11 19:43:20 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2023-12-11 19:53:00 +0000

    pf: fix memory leak on rule add parse failure
    
    Reported by:    Igor Ostapenko <p...@igoro.pro>
    Reviewed by:    Igor Ostapenko <p...@igoro.pro>
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sys/netpfil/pf/pf_nl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sys/netpfil/pf/pf_nl.c b/sys/netpfil/pf/pf_nl.c
index 86cc5ba9cc91..67a7392ae448 100644
--- a/sys/netpfil/pf/pf_nl.c
+++ b/sys/netpfil/pf/pf_nl.c
@@ -625,8 +625,10 @@ pf_handle_addrule(struct nlmsghdr *hdr, struct nl_pstate 
*npt)
        attrs.rule = pf_krule_alloc();
 
        error = nl_parse_nlmsg(hdr, &addrule_parser, npt, &attrs);
-       if (error != 0)
+       if (error != 0) {
+               pf_free_rule(attrs.rule);
                return (error);
+       }
 
        error = pf_ioctl_addrule(attrs.rule, attrs.ticket, attrs.pool_ticket,
            attrs.anchor, attrs.anchor_call, nlp_get_cred(npt->nlp)->cr_uid,

Reply via email to