From: David Carlier <dcarlier@deviceatlas.com>
Date: Sat, 14 Feb 2026 13:23:57 +0000 (+0000)
Subject: BUG/MEDIUM: deviceatlas: fix resource leaks on init error paths
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8f219b380aaa60682cbe945ea24de961aa9fd2b;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: deviceatlas: fix resource leaks on init error paths

When da_atlas_compile() or da_atlas_open() failed in init_deviceatlas(),
atlasimgptr was leaked and da_fini() was never called. Also add a NULL
check on strdup() for the default cookie name with proper cleanup of
the atlas and image pointer on failure.

This should be backported to lower branches.
---

diff --git a/addons/deviceatlas/da.c b/addons/deviceatlas/da.c
index 3b1576678..d40041a6a 100644
--- a/addons/deviceatlas/da.c
+++ b/addons/deviceatlas/da.c
@@ -190,6 +190,8 @@ static int init_deviceatlas(void)
 		if (status != DA_OK) {
 			ha_alert("deviceatlas : '%s' json file is invalid.\n",
 				 global_deviceatlas.jsonpath);
+			free(global_deviceatlas.atlasimgptr);
+			da_fini();
 			err_code |= ERR_ALERT | ERR_FATAL;
 			goto out;
 		}
@@ -199,6 +201,8 @@ static int init_deviceatlas(void)
 
 		if (status != DA_OK) {
 			ha_alert("deviceatlas : data could not be compiled.\n");
+			free(global_deviceatlas.atlasimgptr);
+			da_fini();
 			err_code |= ERR_ALERT | ERR_FATAL;
 			goto out;
 		}
@@ -207,6 +211,14 @@ static int init_deviceatlas(void)
 
 		if (global_deviceatlas.cookiename == 0) {
 			global_deviceatlas.cookiename = strdup(DA_COOKIENAME_DEFAULT);
+			if (unlikely(global_deviceatlas.cookiename == NULL)) {
+				ha_alert("deviceatlas : out of memory.\n");
+				da_atlas_close(&global_deviceatlas.atlas);
+				free(global_deviceatlas.atlasimgptr);
+				da_fini();
+				err_code |= ERR_ALERT | ERR_FATAL;
+				goto out;
+			}
 			global_deviceatlas.cookienamelen = strlen(global_deviceatlas.cookiename);
 		}