diff options
| author | Tobias Heider <tobhe@cvs.openbsd.org> | 2023-03-10 19:26:07 +0000 |
|---|---|---|
| committer | Tobias Heider <tobhe@cvs.openbsd.org> | 2023-03-10 19:26:07 +0000 |
| commit | b9a27be26c3d6cfac461ec7977979773a2646b47 (patch) | |
| tree | 025288db762c51751d74ae7e55c2f659e1cd804b | |
| parent | 2a0615c7fc18b322fb166d564110833ca24946bb (diff) | |
Fix possible leak of spibuf and flowbuf in error case.
ok patrick@ bluhm@
| -rw-r--r-- | sbin/iked/ikev2.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 8c625df451c..8533d8cec73 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.364 2023/03/05 22:17:22 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.365 2023/03/10 19:26:06 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -6421,6 +6421,7 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) uint16_t encrid = 0, integrid = 0, groupid = 0; size_t encrlen = 0, integrlen = 0; int esn = 0; + int ret = -1; TAILQ_FOREACH(csa, &sa->sa_childsas, csa_entry) { if (csa->csa_rekey || csa->csa_loaded) @@ -6438,7 +6439,7 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) log_debug("%s: failed to load CHILD SA spi %s", __func__, print_spi(csa->csa_spi.spi, csa->csa_spi.spi_size)); - return (-1); + goto done; } if (ipcomp) { if (pfkey_sa_add(env, ipcomp, csa) != 0) { @@ -6514,7 +6515,7 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) if (pfkey_flow_add(env, flow) != 0) { log_debug("%s: failed to load flow", __func__); - return (-1); + goto done; } if ((oflow = RB_FIND(iked_flows, &env->sc_activeflows, flow)) @@ -6582,9 +6583,12 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) if (ibuf_strlen(flowbuf)) log_info("%s: loaded flows: %.*s", SPI_SA(sa, __func__), ibuf_strlen(flowbuf), ibuf_data(flowbuf)); + + ret = 0; + done: ibuf_release(spibuf); ibuf_release(flowbuf); - return (0); + return (ret); } int |