[server] port list memory leak bug fix for OpenBSD/pf and FreeBSD/ipfw firewall inter...
authorMichael Rash <mbr@cipherdyne.org>
Sun, 19 May 2013 18:36:32 +0000 (14:36 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sun, 19 May 2013 18:36:32 +0000 (14:36 -0400)
server/access.c
server/fw_util_ipfw.c
server/fw_util_pf.c

index 85be75d..3040863 100644 (file)
@@ -871,9 +871,10 @@ acc_data_is_valid(const acc_stanza_t *acc)
         return(0);
     }
 
-    if(acc->hmac_key_len != 0)
+    if((acc->hmac_key_len) != 0 && (acc->hmac_key != NULL))
     {
-        if(((acc->key_len != 0) && (acc->key_len == acc->hmac_key_len)))
+        if((acc->key != NULL) && (acc->key_len != 0)
+                && (acc->key_len == acc->hmac_key_len))
         {
             if(memcmp(acc->key, acc->hmac_key, acc->hmac_key_len) == 0)
             {
index c2c71f5..5f893cc 100644 (file)
@@ -511,6 +511,7 @@ process_spa_request(const fko_srv_options_t * const opts,
         if(rule_num == 0)
         {
             log_msg(LOG_WARNING, "Access request rejected: Maximum allowed number of rules has been reached.");
+            free_acc_port_list(port_list);
             return(-1);
         }
 
@@ -577,9 +578,11 @@ process_spa_request(const fko_srv_options_t * const opts,
             log_msg(LOG_WARNING, "Forwarding/NAT requests are not currently supported.");
         }
 
+        free_acc_port_list(port_list);
         return(-1);
     }
 
+    free_acc_port_list(port_list);
     return(res);
 }
 
index 1c871cb..e59f888 100644 (file)
@@ -267,6 +267,7 @@ process_spa_request(const fko_srv_options_t * const opts,
                 {
                     log_msg(LOG_WARNING, "Could not execute command: %s",
                         write_cmd);
+                    free_acc_port_list(port_list);
                     return(-1);
                 }
 
@@ -301,6 +302,7 @@ process_spa_request(const fko_srv_options_t * const opts,
                  * of anchor rules.
                 */
                 log_msg(LOG_WARNING, "Max anchor rules reached, try again later.");
+                free_acc_port_list(port_list);
                 return 0;
             }
 
@@ -323,9 +325,11 @@ process_spa_request(const fko_srv_options_t * const opts,
             log_msg(LOG_WARNING, "Forwarding/NAT requests are not currently supported.");
         }
 
+        free_acc_port_list(port_list);
         return(-1);
     }
 
+    free_acc_port_list(port_list);
     return(res);
 }