git: 8423bf2a9e60 - stable/14 - libpfctl: handle allocation failure

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Fri, 24 Nov 2023 14:10:44 UTC
The branch stable/14 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=8423bf2a9e60a12e5978ed453eb16533247fa25a

commit 8423bf2a9e60a12e5978ed453eb16533247fa25a
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-11-17 09:14:59 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-11-24 09:19:08 +0000

    libpfctl: handle allocation failure
    
    While it's unlikely for userspace to fail to allocate memory it is still
    possible. Handle malloc() returning NULL.
    
    Reported by:    Bill Meeks <bill@themeeks.net>
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 33d55d0d0f33787e9e2796b5000be73af42573bc)
---
 lib/libpfctl/libpfctl.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index 72da534ac1df..1ef96f52c19c 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -71,6 +71,11 @@ pfctl_do_ioctl(int dev, uint cmd, size_t size, nvlist_t **nvl)
 
 retry:
 	nv.data = malloc(size);
+	if (nv.data == NULL) {
+		ret = ENOMEM;
+		goto out;
+	}
+
 	memcpy(nv.data, data, nvlen);
 
 	nv.len = nvlen;
@@ -190,6 +195,8 @@ _pfctl_get_status_counters(const nvlist_t *nvl,
 		struct pfctl_status_counter *c;
 
 		c = malloc(sizeof(*c));
+		if (c == NULL)
+			continue;
 
 		c->id = ids[i];
 		c->counter = counts[i];