From: Christopher Faulet <cfaulet@haproxy.com>
Date: Thu, 11 Feb 2021 09:42:41 +0000 (+0100)
Subject: BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints()
X-Git-Tag: v2.4-dev8~81
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4b524124db9dc6e64b4e0f0882b5fc71d24970e0;p=thirdparty%2Fhaproxy.git

BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints()

When an invalid character is found during parsing in parse_dotted_uints()
function, the allocated array of uint must be released. This patch fixes a
memory leak on error path during the configuration parsing.

This patch should fix the issue #1106. It should be backported as far as
2.0. Note that, for 2.1 and 2.0, the function is in src/standard.c
---

diff --git a/src/tools.c b/src/tools.c
index 2d40d8910f..003fb52135 100644
--- a/src/tools.c
+++ b/src/tools.c
@@ -4810,8 +4810,10 @@ int parse_dotted_uints(const char *str, unsigned int **nums, size_t *sz)
 		/* Expected characters after having read an uint: '\0' or '.',
 		 * if '.', must not be terminal.
 		 */
-		if (*s != '\0'&& (*s++ != '.' || s == end))
+		if (*s != '\0'&& (*s++ != '.' || s == end)) {
+			free(n);
 			return 0;
+		}
 
 		n = my_realloc2(n, (*sz + 1) * sizeof *n);
 		if (!n)