From cf9da2be15e7042c20f96b6a573305f8d35268d4 Mon Sep 17 00:00:00 2001 From: Ken Steele Date: Fri, 20 Dec 2013 16:36:58 -0500 Subject: [PATCH] Fix DetectReplaceAddToList I see two problems: 1) If allocating a newlist fails, the function returns NULL, which then leaks any existing list elements. 2) The code to add the new value to the list works for the first two, but for not the third. For example, replist=A, A->next=B, B->next=NULL, then adding C results in replist=A, A->next=C, C->next=NULL, B is lost. The fix pushes new values onto the head of the list, which might not be what is needed, but there are no comments on what the function does, so I made an assumption. --- src/detect-replace.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/detect-replace.c b/src/detect-replace.c index 3bf725a992..0d1b272576 100644 --- a/src/detect-replace.c +++ b/src/detect-replace.c @@ -161,16 +161,13 @@ DetectReplaceList * DetectReplaceAddToList(DetectReplaceList *replist, uint8_t * newlist = SCMalloc(sizeof(DetectReplaceList)); if (unlikely(newlist == NULL)) - return NULL; + return replist; newlist->found = found; newlist->cd = cd; - newlist->next = NULL; + /* Push new value onto the front of the list. */ + newlist->next = replist; - if (replist) { - replist->next = newlist; - return replist; - } else - return newlist; + return newlist; } @@ -195,7 +192,7 @@ void DetectReplaceFreeInternal(DetectReplaceList *replist) { DetectReplaceList *tlist = NULL; while(replist) { - SCLogDebug("replace: Freing match"); + SCLogDebug("replace: Freeing match"); tlist = replist; replist = replist->next; SCFree(tlist); -- 2.47.2