From: Steffan Karger <steffan@karger.me>
Date: Fri, 6 Nov 2015 07:42:39 +0000 (+0100)
Subject: Fix (potential) memory leak in init_route_list()
X-Git-Tag: v2.4_alpha1~205
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3671bd185a914dc1d91c8a967e1c3a14dedacd32;p=thirdparty%2Fopenvpn.git

Fix (potential) memory leak in init_route_list()

init_route() can allocate memory in netlist, but fail in many more ways
than just fail to allocate.  Thus, always check and clean up netlist if
needed, instead of just when init_route() succeeds.

This fix is for master only.  The release/2.3 branch cleans up netlist
immediately, and needs a different patch for a similar problem.

Found using coverity.

v2: initialize netlist to NULL

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1446795759-3288-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10443
Signed-off-by: Gert Doering <gert@greenie.muc.de>
---

diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 096e3bc3d..58b16c0f8 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -634,7 +634,7 @@ init_route_list (struct route_list *rl,
     struct route_option *ro;
     for (ro = opt->routes; ro; ro = ro->next)
       {
-        struct addrinfo* netlist;
+        struct addrinfo* netlist = NULL;
 	struct route_ipv4 r;
 
 	if (!init_route (&r, &netlist, ro, rl))
@@ -642,7 +642,6 @@ init_route_list (struct route_list *rl,
 	else
 	  {
             struct addrinfo* curele;
-            gc_addspecial(netlist, &gc_freeaddrinfo_callback, &gc);
             for (curele	= netlist; curele; curele = curele->ai_next)
 	      {
                 struct route_ipv4 *new;
@@ -653,6 +652,8 @@ init_route_list (struct route_list *rl,
                 rl->routes = new;
 	      }
 	  }
+	if (netlist)
+	  gc_addspecial(netlist, &gc_freeaddrinfo_callback, &gc);
       }
   }