Fix DetectReplaceAddToList

I see two problems:
1) If allocating a newlist fails, the function returns NULL, which then
   leaks any existing list elements.
2) The code to add the new value to the list works for the first two, but
   for not the third. For example, replist=A, A->next=B, B->next=NULL, then
   adding C results in replist=A, A->next=C, C->next=NULL, B is lost.

The fix pushes new values onto the head of the list, which might not be
what is needed, but there are no comments on what the function does, so I
made an assumption.

diff --git a/src/detect-replace.c b/src/detect-replace.c
index 3bf725a992e1769a353cc72dd12faa50731569f7..0d1b2725765d24f1b4bd18727b827693e1085a17 100644 (file)
--- a/src/detect-replace.c
+++ b/src/detect-replace.c
@@ -161,16 +161,13 @@ DetectReplaceList * DetectReplaceAddToList(DetectReplaceList *replist, uint8_t *
 
     newlist = SCMalloc(sizeof(DetectReplaceList));
     if (unlikely(newlist == NULL))
-        return NULL;
+        return replist;
     newlist->found = found;
     newlist->cd = cd;
-    newlist->next = NULL;
+    /* Push new value onto the front of the list. */
+    newlist->next = replist;
 
-    if (replist) {
-        replist->next = newlist;
-        return replist;
-    } else
-        return newlist;
+    return newlist;
 }
 
 
@@ -195,7 +192,7 @@ void DetectReplaceFreeInternal(DetectReplaceList *replist)
 {
     DetectReplaceList *tlist = NULL;
     while(replist) {
-        SCLogDebug("replace: Freing match");
+        SCLogDebug("replace: Freeing match");
         tlist = replist;
         replist = replist->next;
         SCFree(tlist);