From 7cbd944662854a0a5264895bcba3ce7f9bfd1c1f Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sun, 26 Mar 2017 17:02:38 -0400 Subject: [PATCH] Fix some minor resource leaks in PerformRadiusTransaction(). Failure to free serveraddrs pointed out by Coverity, failure to close socket noted by code-reading. These bugs seem to be quite old, but given the low probability of taking these error-exit paths and the minimal consequences of the leaks (since the process would presumably exit shortly anyway), it doesn't seem worth back-patching. Michael Paquier and Tom Lane --- src/backend/libpq/auth.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 5f4f55760c1..8f77deae6ce 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -2793,6 +2793,7 @@ PerformRadiusTransaction(char *server, char *secret, char *portstr, char *identi { ereport(LOG, (errmsg("could not generate random encryption vector"))); + pg_freeaddrinfo_all(hint.ai_family, serveraddrs); return STATUS_ERROR; } packet->id = packet->vector[0]; @@ -2827,6 +2828,7 @@ PerformRadiusTransaction(char *server, char *secret, char *portstr, char *identi ereport(LOG, (errmsg("could not perform MD5 encryption of password"))); pfree(cryptvector); + pg_freeaddrinfo_all(hint.ai_family, serveraddrs); return STATUS_ERROR; } @@ -2842,7 +2844,7 @@ PerformRadiusTransaction(char *server, char *secret, char *portstr, char *identi radius_add_attribute(packet, RADIUS_PASSWORD, encryptedpassword, encryptedpasswordlen); - /* Length need to be in network order on the wire */ + /* Length needs to be in network order on the wire */ packetlength = packet->length; packet->length = htons(packet->length); @@ -2868,6 +2870,7 @@ PerformRadiusTransaction(char *server, char *secret, char *portstr, char *identi localaddr.sin_addr.s_addr = INADDR_ANY; addrsize = sizeof(struct sockaddr_in); #endif + if (bind(sock, (struct sockaddr *) & localaddr, addrsize)) { ereport(LOG, @@ -2964,6 +2967,7 @@ PerformRadiusTransaction(char *server, char *secret, char *portstr, char *identi { ereport(LOG, (errmsg("could not read RADIUS response: %m"))); + closesocket(sock); return STATUS_ERROR; } -- 2.39.5