diff options
author | Kristof Provost <kp@FreeBSD.org> | 2023-12-11 19:43:20 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2023-12-11 19:53:00 +0000 |
commit | e249f5daa41f73eb293490ed93d06d1fefa08d82 (patch) | |
tree | e56de0f49805d68ea739eaa8089635bcd18ef4d1 | |
parent | 8ccd0b876e67fda6249f294ff484798cc1e1569f (diff) | |
download | src-e249f5daa41f73eb293490ed93d06d1fefa08d82.tar.gz src-e249f5daa41f73eb293490ed93d06d1fefa08d82.zip |
pf: fix memory leak on rule add parse failure
Reported by: Igor Ostapenko <pm@igoro.pro>
Reviewed by: Igor Ostapenko <pm@igoro.pro>
Sponsored by: Rubicon Communications, LLC ("Netgate")
-rw-r--r-- | sys/netpfil/pf/pf_nl.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/netpfil/pf/pf_nl.c b/sys/netpfil/pf/pf_nl.c index 86cc5ba9cc91..67a7392ae448 100644 --- a/sys/netpfil/pf/pf_nl.c +++ b/sys/netpfil/pf/pf_nl.c @@ -625,8 +625,10 @@ pf_handle_addrule(struct nlmsghdr *hdr, struct nl_pstate *npt) attrs.rule = pf_krule_alloc(); error = nl_parse_nlmsg(hdr, &addrule_parser, npt, &attrs); - if (error != 0) + if (error != 0) { + pf_free_rule(attrs.rule); return (error); + } error = pf_ioctl_addrule(attrs.rule, attrs.ticket, attrs.pool_ticket, attrs.anchor, attrs.anchor_call, nlp_get_cred(npt->nlp)->cr_uid, |