From 1bc51f3caf50dfac04a473965a84d70f9bbb3250 Mon Sep 17 00:00:00 2001 From: truckman Date: Wed, 15 Jun 2016 06:40:30 +0000 Subject: [PATCH] MFC r301592 Don't leak addrinfo if ai->ai_addrlen <= minsiz test fails. If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo() does not get called to free the memory just allocated by getaddrinfo(). Fix by moving ai->ai_addrlen <= minsiz to a separate nested if block, and keep freeaddrinfo() in the outer block so that freeaddrinfo() will be called whenever getaddrinfo() succeeds. Reported by: Coverity CID: 1273652 Reviewed by: ume Differential Revision: https://reviews.freebsd.org/D6756 git-svn-id: svn://svn.freebsd.org/base/stable/10@301920 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f --- lib/libc/resolv/res_init.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/lib/libc/resolv/res_init.c b/lib/libc/resolv/res_init.c index 41e9f5abd..715b6544d 100644 --- a/lib/libc/resolv/res_init.c +++ b/lib/libc/resolv/res_init.c @@ -412,20 +412,21 @@ __res_vinit(res_state statp, int preinit) { hints.ai_socktype = SOCK_DGRAM; /*dummy*/ hints.ai_flags = AI_NUMERICHOST; sprintf(sbuf, "%u", NAMESERVER_PORT); - if (getaddrinfo(cp, sbuf, &hints, &ai) == 0 && - ai->ai_addrlen <= minsiz) { - if (statp->_u._ext.ext != NULL) { - memcpy(&statp->_u._ext.ext->nsaddrs[nserv], - ai->ai_addr, ai->ai_addrlen); + if (getaddrinfo(cp, sbuf, &hints, &ai) == 0) { + if (ai->ai_addrlen <= minsiz) { + if (statp->_u._ext.ext != NULL) { + memcpy(&statp->_u._ext.ext->nsaddrs[nserv], + ai->ai_addr, ai->ai_addrlen); + } + if (ai->ai_addrlen <= + sizeof(statp->nsaddr_list[nserv])) { + memcpy(&statp->nsaddr_list[nserv], + ai->ai_addr, ai->ai_addrlen); + } else + statp->nsaddr_list[nserv].sin_family = 0; + nserv++; } - if (ai->ai_addrlen <= - sizeof(statp->nsaddr_list[nserv])) { - memcpy(&statp->nsaddr_list[nserv], - ai->ai_addr, ai->ai_addrlen); - } else - statp->nsaddr_list[nserv].sin_family = 0; freeaddrinfo(ai); - nserv++; } } continue; -- 2.45.0