Merges in !39, which applied changes from #57/master.
for reporting this issue.
[Gitlab #2]
+- Corrected a number of reference counter and zero-length buffer leaks.
+ [Gitlab #57]
+
Changes since 4.1-ESV-R15
- Corrected dhclient command line parsing for --dad-wait-time that causes
} else {
log_error("Invalid IA_NA option cache.");
dfree(ia, MDL);
- if (ds.len != 0)
- data_string_forget(&ds, MDL);
+ data_string_forget(&ds, MDL);
return ISC_R_UNEXPECTED;
}
}
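Review bot: Dropping the `if (ds.len != 0)` guard makes `data_string_forget(&ds, MDL);` unconditional on the "Invalid IA_NA option cache." path, so it is now correct only if `ds` is zero-initialised before the evaluation that fills it. That initialisation is outside the hunk and should be confirmed for every converted site. The same applies to the IA_TA, IA_PD, IAADDR and IAPREFIX hunks below, to `lease->server_id`, to the `results[i]` loops after the `exit:` labels, and to the caller-supplied `client_id`/`server_id` pointers in the later `exit:` blocks. `data_string_forget` itself is not shown on this page, so its handling of an all-zero struct is assumed here. A short comment at the first site would record why the guard went away, e.g. `/* a data_string can hold a buffer even when len == 0; always forget it */`.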
} else {
log_error("Invalid IA_TA option cache.");
dfree(ia, MDL);
- if (ds.len != 0)
- data_string_forget(&ds, MDL);
+ data_string_forget(&ds, MDL);
return ISC_R_UNEXPECTED;
}
}
} else {
log_error("Invalid IA_PD option cache.");
dfree(ia, MDL);
- if (ds.len != 0)
- data_string_forget(&ds, MDL);
+ data_string_forget(&ds, MDL);
return ISC_R_UNEXPECTED;
}
}
} else {
log_error("Invalid IAADDR option cache.");
dfree(addr, MDL);
- if (ds.len != 0)
- data_string_forget(&ds, MDL);
+ data_string_forget(&ds, MDL);
return ISC_R_UNEXPECTED;
}
}
} else {
log_error("Invalid IAPREFIX option cache.");
dfree(pfx, MDL);
- if (ds.len != 0)
- data_string_forget(&ds, MDL);
+ data_string_forget(&ds, MDL);
return ISC_R_UNEXPECTED;
}
}
}
lease = *src;
- if (lease->server_id.len != 0)
- data_string_forget(&lease->server_id, file, line);
-
+ data_string_forget(&lease->server_id, file, line);
for (ia = lease->bindings ; ia != NULL ; ia = nia) {
nia = ia->next;
"option - discarded",
name);
}
- data_string_forget (&data, MDL);
}
}
+
+ data_string_forget (&data, MDL);
}
}
/* See if there's already such a zone. */
if (dns_zone_lookup (&zone, zname) == ISC_R_SUCCESS) {
/* If it's not a dynamic zone, leave it alone. */
- if (!zone -> timeout)
+ if (!zone -> timeout) {
+ dns_zone_dereference (&zone, MDL);
return;
+ }
+
/* Address may have changed, so just blow it away. */
if (zone -> primary)
option_cache_dereference (&zone -> primary, MDL);
if (zone -> secondary)
option_cache_dereference (&zone -> secondary, MDL);
- } else if (!dns_zone_allocate (&zone, MDL))
+ } else if (!dns_zone_allocate (&zone, MDL)) {
return;
+ }
if (!zone -> name) {
zone -> name =
zone -> primary -> data.len = naddrs * sizeof *addrs;
enter_dns_zone (zone);
+ dns_zone_dereference (&zone, MDL);
}
/* Have to use TXT records for now. */
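Review bot: Releasing the local reference immediately after `enter_dns_zone (zone);` is safe only if `enter_dns_zone` takes its own reference when it stores the zone. If it keeps the bare pointer, the added `dns_zone_dereference (&zone, MDL);` could leave the zone table pointing at freed memory. `enter_dns_zone` is not shown in this hunk, so that should be confirmed and recorded next to the call, e.g. `/* enter_dns_zone() holds its own reference; drop the one from lookup/allocate */`. The function body starts outside the hunk, so any other returns between the lookup and this point could not be checked from here.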
#if defined (DEBUG_EXPRESSIONS)
log_debug ("exec: statements returns %d", status);
#endif
- if (!status)
+ if (!status) {
+ executable_statement_dereference (&r, MDL);
return 0;
+ }
+
break;
case on_statement:
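Review bot: The added `executable_statement_dereference (&r, MDL);` before `return 0;` balances the reference on this one exit only, and the same line is repeated before the returns in the three hunks that follow. The count on `r` therefore stays balanced only while every `return` inside the switch carries its own copy. The switch and the place where `r` is referenced are outside these hunks, so returns in cases not shown here should be checked for the same leak. A single exit label that drops `r` once would be harder to miss when a case is added. Failing that, a comment where the reference is taken would help, e.g. `/* r is a counted reference: every return below must dereference it */`.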
in_options, out_options, scope, e))) {
executable_statement_dereference
(&e, MDL);
+ executable_statement_dereference
+ (&r, MDL);
return 0;
}
executable_statement_dereference (&e, MDL);
if (!execute_statements
(result, packet, lease, client_state,
in_options, out_options, scope,
- rc ? r -> data.ie.tc : r -> data.ie.fc))
+ rc ? r -> data.ie.tc : r -> data.ie.fc)) {
+ executable_statement_dereference (&r, MDL);
return 0;
+ }
break;
case eval_statement:
#if defined (DEBUG_EXPRESSIONS)
log_debug ("exec: break");
#endif
+ executable_statement_dereference (&r, MDL);
return 1;
case supersede_option_statement:
log_error("parse_option_buffer: "
"No memory.");
buffer_dereference(&bp, MDL);
+ option_dereference(&option, MDL);
return 0;
}
/* Copy old option to new data object. */
log_error("parse_option_buffer: "
"No memory.");
buffer_dereference(&bp, MDL);
+ option_dereference(&option, MDL);
return 0;
}
(option_space_encapsulate
(&encapsulation, packet, lease, client_state,
in_options, cfg_options, scope, &name));
- data_string_forget (&name, MDL);
}
+
+ data_string_forget (&name, MDL);
}
}
}
exit:
for (i = 1; i <= FQDN_SUBOPTION_COUNT; i++) {
- if (results [i].len)
- data_string_forget (&results [i], MDL);
+ data_string_forget (&results[i], MDL);
}
buffer_dereference (&bp, MDL);
if (!status)
exit:
for (i = 1 ; i <= FQDN_SUBOPTION_COUNT ; i++) {
- if (results[i].len)
- data_string_forget(&results[i], MDL);
+ data_string_forget(&results[i], MDL);
}
return rval;
&global_scope, oc, MDL) ||
(relay_msg.len < offsetof(struct dhcpv6_packet, options))) {
log_error("Can't evaluate relay-msg.");
- return;
+ goto cleanup;
}
msg = (const struct dhcpv6_packet *) relay_msg.data;
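Review bot: The new `goto cleanup;` is taken both when the relay-msg evaluation fails and when `relay_msg.len` is below `offsetof(struct dhcpv6_packet, options)`, so the code at `cleanup:` now runs with `relay_msg` possibly populated and everything set up after this check still unset. The label is outside the hunk. It should be confirmed that it forgets `relay_msg` and that each object it releases is initialised to an empty state before this jump. A comment at the label stating that contract would keep later edits honest, e.g. `/* cleanup: may be entered before msg is set; release only what is non-NULL */`.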
}
data_string_copy (&nc -> hash_string, &data,
MDL);
- data_string_forget (&data, MDL);
if (!class -> hash)
class_new_hash(&class->hash,
SCLASS_HASH_SIZE, MDL);
classify (packet, nc);
class_dereference (&nc, MDL);
}
+
+ data_string_forget (&data, MDL);
}
}
return matched;
et = (struct executable_statement *)0;
if (!parse_option_statement
(&et, cfile, 1, option,
- supersede_option_statement))
+ supersede_option_statement)) {
+ option_dereference(&option, MDL);
return declaration;
+ }
+
option_dereference(&option, MDL);
goto insert_statement;
} else
if (token != NETMASK) {
parse_warn (cfile, "Expecting netmask");
skip_to_semi (cfile);
+ subnet_dereference (&subnet, MDL);
return;
}
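Review bot: `subnet_dereference (&subnet, MDL);` is now copied in front of each early `return` after a parse error, here and in the four hunks below ("Expecting a '/'.", "Expecting a number.", "Expecting a number between 0 and 128.", "New subnet mask too short."). The fix therefore depends on every later error path repeating the same line. The enclosing functions start and end outside these hunks, so other returns in them could not be checked from here. Routing the error paths through one label that dereferences `subnet` would be sturdier. At minimum, add a comment where the subnet is allocated, e.g. `/* subnet is referenced from here on: error returns must subnet_dereference() it */`.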
if (token != SLASH) {
parse_warn(cfile, "Expecting a '/'.");
skip_to_semi(cfile);
+ subnet_dereference(&subnet, MDL);
return;
}
if (token != NUMBER) {
parse_warn(cfile, "Expecting a number.");
skip_to_semi(cfile);
+ subnet_dereference(&subnet, MDL);
return;
}
(*endp != '\0')) {
parse_warn(cfile, "Expecting a number between 0 and 128.");
skip_to_semi(cfile);
+ subnet_dereference(&subnet, MDL);
return;
}
if (!is_cidr_mask_valid(&subnet->net, subnet->prefix_len)) {
parse_warn(cfile, "New subnet mask too short.");
skip_to_semi(cfile);
+ subnet_dereference(&subnet, MDL);
return;
}
MDL)) {
log_error ("unknown option space %s.", d1.data);
option_state_dereference (&options, MDL);
- if (subnet)
+ if (subnet) {
subnet_dereference (&subnet, MDL);
+ }
+
+ data_string_forget (&d1, MDL);
return;
}
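Review bot: `log_error ("unknown option space %s.", d1.data);` prints the buffer as a C string, which is bounded only if this data_string is NUL-terminated, and nothing in the hunk shows that it is. Assuming `log_error` takes printf-style formats, as the `%s` suggests, the length can be passed explicitly: `log_error ("unknown option space %.*s.", (int)d1.len, d1.data);`. The identical call in the next hunk needs the same change. The added `data_string_forget (&d1, MDL);` is correctly placed after the log call in both hunks, since the message still reads `d1.data`, and a comment such as `/* forget d1 only after logging: the message reads its buffer */` would keep that order from being swapped.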
(const char *)d1.data, d1.len,
MDL)) {
log_error ("unknown option space %s.", d1.data);
+ data_string_forget (&d1, MDL);
return;
}
data_string_forget (&data, MDL);
return 0;
}
+
ia.len = 4;
memcpy (ia.iabuf, data.data, 4);
data_string_forget (&data, MDL);
exit:
if (!ret_val) {
- if (lq->client_id.len > 0) {
- data_string_forget(&lq->client_id, MDL);
- }
- if (lq->server_id.len > 0) {
- data_string_forget(&lq->server_id, MDL);
- }
- if (lq->lq_query.len > 0) {
- data_string_forget(&lq->lq_query, MDL);
- }
+ data_string_forget(&lq->client_id, MDL);
+ data_string_forget(&lq->server_id, MDL);
+ data_string_forget(&lq->lq_query, MDL);
}
return ret_val;
}
ret_val = 1;
exit:
- if (data.len > 0) {
- data_string_forget(&data, MDL);
- }
+ data_string_forget(&data, MDL);
if (!ret_val) {
- if (client_id->len > 0) {
- data_string_forget(client_id, MDL);
- }
+ data_string_forget(client_id, MDL);
}
return ret_val;
}
exit:
if (!ret_val) {
- if (server_id->len > 0) {
- data_string_forget(server_id, MDL);
- }
- if (client_id->len > 0) {
- data_string_forget(client_id, MDL);
- }
+ data_string_forget(server_id, MDL);
+ data_string_forget(client_id, MDL);
}
return ret_val;
}
exit:
if (!ret_val) {
- if (server_id->len > 0) {
- data_string_forget(server_id, MDL);
- }
+ data_string_forget(server_id, MDL);
}
return ret_val;
}
case D6O_IA_PD:
/* prefix */
log_error("create_lease6: prefix pool.");
+ data_string_forget(&ds, MDL);
return ISC_R_INVALIDARG;
default:
log_error("create_lease6: untyped pool.");
+ data_string_forget(&ds, MDL);
return ISC_R_INVALIDARG;
}