git: 520e0f576f71 - main - udp: Fix resource leaks in an error path in udp6_send()
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 05 Jun 2026 21:49:30 UTC
The branch main has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=520e0f576f710eb60fb901b87b4eb0e1530362ae
commit 520e0f576f710eb60fb901b87b4eb0e1530362ae
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2026-06-05 21:48:35 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2026-06-05 21:49:11 +0000
udp: Fix resource leaks in an error path in udp6_send()
Reported by: Andrew Griffiths <andrew@calif.io>
Fixes: 069a67374ed9 ("ip6: Remove support for RFC2675 (Jumbo Payload Option)")
Reviewed by: pouria, tuexen, glebius
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57341
---
sys/netinet6/udp6_usrreq.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c
index ede791a7d175..6ef79d2fd868 100644
--- a/sys/netinet6/udp6_usrreq.c
+++ b/sys/netinet6/udp6_usrreq.c
@@ -862,11 +862,9 @@ udp6_send(struct socket *so, int flags_arg, struct mbuf *m,
ulen = m->m_pkthdr.len;
plen = sizeof(struct udphdr) + ulen;
hlen = sizeof(struct ip6_hdr);
-
if (plen > IPV6_MAXPAYLOAD) {
- m_freem(control);
- m_freem(m);
- return (EMSGSIZE);
+ error = EMSGSIZE;
+ goto release;
}
/*