From: Willy Tarreau <w@1wt.eu>
Date: Sun, 26 Apr 2026 21:49:35 +0000 (+0200)
Subject: BUG/MINOR: sample: fix memory leak in check_when_cond() when ACL is not found
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=a4f27d96c6be56806aa493f72718aea3c1e28a85;p=thirdparty%2Fhaproxy.git

BUG/MINOR: sample: fix memory leak in check_when_cond() when ACL is not found

When find_acl_by_name() and find_acl_default() both fail when parsing
converter "when(ACL,foo)", the previously allocated acl_sample struct
is leaked. Free it before returning 0. This can be backported to stable
versions.
---

diff --git a/src/sample.c b/src/sample.c
index 80cd93008..b6ec6ec77 100644
--- a/src/sample.c
+++ b/src/sample.c
@@ -4114,6 +4114,7 @@ static int check_when_cond(struct arg *args, struct sample_conv *conv,
 		if (!(acl_sample->terms[0].acl = find_acl_by_name(args[1].data.str.area, &curproxy->acl)) &&
 		    !(acl_sample->terms[0].acl = find_acl_default(args[1].data.str.area, &curproxy->acl, err, NULL, NULL, 0))) {
 			memprintf(err, "ACL '%s' not found", args[1].data.str.area);
+			free(acl_sample);
 			return 0;
 		}