detect/transform: fix leak in xor transform parse

Fixes: 8984bc680112 ("transforms: move xor to rust")

diff --git a/rust/src/detect/transforms/xor.rs b/rust/src/detect/transforms/xor.rs
index cf801170d9774cae5d5357c3b5a801ecb86cae2b..b8b40400ac7216e61abbce212d8cb429ea3612a0 100644 (file)
--- a/rust/src/detect/transforms/xor.rs
+++ b/rust/src/detect/transforms/xor.rs
@@ -60,13 +60,17 @@ unsafe fn xor_parse(raw: *const std::os::raw::c_char) -> *mut c_void {
 
 #[no_mangle]
 unsafe extern "C" fn xor_setup(
-    _de: *mut c_void, s: *mut c_void, opt_str: *const std::os::raw::c_char,
+    de: *mut c_void, s: *mut c_void, opt_str: *const std::os::raw::c_char,
 ) -> c_int {
     let ctx = xor_parse(opt_str);
     if ctx.is_null() {
         return -1;
     }
-    return DetectSignatureAddTransform(s, G_TRANSFORM_XOR_ID, ctx);
+    let r = DetectSignatureAddTransform(s, G_TRANSFORM_XOR_ID, ctx);
+    if r != 0 {
+        xor_free(de, ctx);
+    }
+    return r;
 }
 
 fn xor_transform_do(input: &[u8], output: &mut [u8], ctx: &DetectTransformXorData) {