git: ea15fe2e8cbc - main - pf: fix memory leak in legacy getstate calls
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 02 Sep 2025 21:10:56 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=ea15fe2e8cbc3a5d3f62a9d22e0e4bef63f611eb
commit ea15fe2e8cbc3a5d3f62a9d22e0e4bef63f611eb
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-08-29 14:27:52 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-09-02 21:10:21 +0000
pf: fix memory leak in legacy getstate calls
If we fail to copy the data out we didn't free the temporary allocation.
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sys/netpfil/pf/pf_ioctl.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index 7a14c0946dfc..9ca7c6759e27 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -4125,8 +4125,10 @@ DIOCGETSTATES_retry:
PF_HASHROW_UNLOCK(ih);
error = copyout(pstore, out,
sizeof(struct pfsync_state_1301) * count);
- if (error)
+ if (error) {
+ free(pstore, M_PF);
goto fail;
+ }
out = ps->ps_states + nr;
}
DIOCGETSTATES_full:
@@ -4203,8 +4205,10 @@ DIOCGETSTATESV2_retry:
PF_HASHROW_UNLOCK(ih);
error = copyout(pstore, out,
sizeof(struct pf_state_export) * count);
- if (error)
+ if (error) {
+ free(pstore, M_PF);
goto fail;
+ }
out = ps->ps_states + nr;
}
DIOCGETSTATESV2_full: