From 99782bd23feec8d42b22912d20027a0d4f4e9b47 Mon Sep 17 00:00:00 2001
From: Mark Wielaard <mark@klomp.org>
Date: Wed, 1 Dec 2021 13:12:49 +0100
Subject: [PATCH] debuginfod: Fix some memory leaks on debuginfod-client error
 paths.

In a couple of places we might leak some memory when we encounter
an error. tmp_url might leak if realloc failed. escaped_string might
leak when setting up the data handle fails and we don't use it.
And one of the goto out1 should have been goto out2 to make sure
we release all allocated resources on exit (also updated a wrong
comment about that).

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 debuginfod/ChangeLog           |  7 +++++++
 debuginfod/debuginfod-client.c | 16 +++++++++++-----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index 625dead03..21d0721ef 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,10 @@
+2021-12-01  Mark Wielaard  <mark@klomp.org>
+
+	* debuginfod-client.c (debuginfod_query_server): Free tmp_url on
+	realloc error. curl_free escaped_string on error. Fix error out
+	goto on curl_easy_init failure. Only cleanup data[i] handle and
+	response_data if it was initialized.
+
 2021-12-01  Mark Wielaard  <mark@klomp.org>
 
 	* debuginfod-client.c (timestamp): Use gmtime_r instead of gmtime.
diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c
index c875ee627..75d3e3016 100644
--- a/debuginfod/debuginfod-client.c
+++ b/debuginfod/debuginfod-client.c
@@ -1,5 +1,6 @@
 /* Retrieve ELF / DWARF / source files from the debuginfod.
    Copyright (C) 2019-2021 Red Hat, Inc.
+   Copyright (C) 2021 Mark J. Wielaard <mark@klomp.org>
    This file is part of elfutils.
 
    This file is free software; you can redistribute it and/or modify
@@ -882,6 +883,7 @@ debuginfod_query_server (debuginfod_client *c,
                                          sizeof(char*));
           if (realloc_ptr == NULL)
             {
+              free (tmp_url);
               rc = -ENOMEM;
               goto out1;
             }
@@ -909,7 +911,7 @@ debuginfod_query_server (debuginfod_client *c,
       goto out1;
     }
 
-  /* thereafter, goto out1 on error.  */
+  /* thereafter, goto out2 on error.  */
 
  /*The beginning of goto block query_in_parallel.*/
  query_in_parallel:
@@ -962,8 +964,9 @@ debuginfod_query_server (debuginfod_client *c,
       data[i].handle = curl_easy_init();
       if (data[i].handle == NULL)
         {
+          if (filename) curl_free (escaped_string);
           rc = -ENETUNREACH;
-          goto out1;
+          goto out2;
         }
       data[i].client = c;
 
@@ -1384,9 +1387,12 @@ debuginfod_query_server (debuginfod_client *c,
   /* remove all handles from multi */
   for (int i = 0; i < num_urls; i++)
     {
-      curl_multi_remove_handle(curlm, data[i].handle); /* ok to repeat */
-      curl_easy_cleanup (data[i].handle);
-      free (data[i].response_data);
+      if (data[i].handle != NULL)
+	{
+	  curl_multi_remove_handle(curlm, data[i].handle); /* ok to repeat */
+	  curl_easy_cleanup (data[i].handle);
+	  free (data[i].response_data);
+	}
     }
 
   unlink (target_cache_tmppath);
-- 
2.47.3