Fix (potential) memory leak in init_route_list()

init_route() can allocate memory in netlist, but fail in many more ways
than just fail to allocate.  Thus, always check and clean up netlist if
needed, instead of just when init_route() succeeds.

This fix is for master only.  The release/2.3 branch cleans up netlist
immediately, and needs a different patch for a similar problem.

Found using coverity.

v2: initialize netlist to NULL

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1446795759-3288-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10443
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 096e3bc3d6809ddff9a5ee96d57b96f24348c615..58b16c0f84ba647b9b82f8e69c5b7918036ee40b 100644 (file)
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -634,7 +634,7 @@ init_route_list (struct route_list *rl,
     struct route_option *ro;
     for (ro = opt->routes; ro; ro = ro->next)
       {
-        struct addrinfo* netlist;
+        struct addrinfo* netlist = NULL;
        struct route_ipv4 r;
 
        if (!init_route (&r, &netlist, ro, rl))
@@ -642,7 +642,6 @@ init_route_list (struct route_list *rl,
        else
          {
             struct addrinfo* curele;
-            gc_addspecial(netlist, &gc_freeaddrinfo_callback, &gc);
             for (curele        = netlist; curele; curele = curele->ai_next)
              {
                 struct route_ipv4 *new;
@@ -653,6 +652,8 @@ init_route_list (struct route_list *rl,
                 rl->routes = new;
              }
          }
+       if (netlist)
+         gc_addspecial(netlist, &gc_freeaddrinfo_callback, &gc);
       }
   }