[server] port list memory leak bug fix for OpenBSD/pf and FreeBSD/ipf…

…w firewall interface code found by Coverity
mrash · May 19, 2013 · 16f96a3 · 16f96a3
1 parent e31459b
commit 16f96a3
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 2 deletions.
diff --git a/server/access.c b/server/access.c
@@ -871,9 +871,10 @@ acc_data_is_valid(const acc_stanza_t *acc)
         return(0);
     }
 
-    if(acc->hmac_key_len != 0)
+    if((acc->hmac_key_len) != 0 && (acc->hmac_key != NULL))
     {
-        if(((acc->key_len != 0) && (acc->key_len == acc->hmac_key_len)))
+        if((acc->key != NULL) && (acc->key_len != 0)
+                && (acc->key_len == acc->hmac_key_len))
         {
             if(memcmp(acc->key, acc->hmac_key, acc->hmac_key_len) == 0)
             {

diff --git a/server/fw_util_ipfw.c b/server/fw_util_ipfw.c
@@ -511,6 +511,7 @@ process_spa_request(const fko_srv_options_t * const opts,
         if(rule_num == 0)
         {
             log_msg(LOG_WARNING, "Access request rejected: Maximum allowed number of rules has been reached.");
+            free_acc_port_list(port_list);
             return(-1);
         }
 
@@ -577,9 +578,11 @@ process_spa_request(const fko_srv_options_t * const opts,
             log_msg(LOG_WARNING, "Forwarding/NAT requests are not currently supported.");
         }
 
+        free_acc_port_list(port_list);
         return(-1);
     }
 
+    free_acc_port_list(port_list);
     return(res);
 }
 

diff --git a/server/fw_util_pf.c b/server/fw_util_pf.c
@@ -267,6 +267,7 @@ process_spa_request(const fko_srv_options_t * const opts,
                 {
                     log_msg(LOG_WARNING, "Could not execute command: %s",
                         write_cmd);
+                    free_acc_port_list(port_list);
                     return(-1);
                 }
 
@@ -301,6 +302,7 @@ process_spa_request(const fko_srv_options_t * const opts,
                  * of anchor rules.
                 */
                 log_msg(LOG_WARNING, "Max anchor rules reached, try again later.");
+                free_acc_port_list(port_list);
                 return 0;
             }
 
@@ -323,9 +325,11 @@ process_spa_request(const fko_srv_options_t * const opts,
             log_msg(LOG_WARNING, "Forwarding/NAT requests are not currently supported.");
         }
 
+        free_acc_port_list(port_list);
         return(-1);
     }
 
+    free_acc_port_list(port_list);
     return(res);
 }