Date: Wed, 8 Jun 2016 09:40:07 +0000 (UTC) From: Don Lewis <truckman@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r301592 - head/lib/libc/resolv Message-ID: <201606080940.u589e7kn052250@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: truckman Date: Wed Jun 8 09:40:06 2016 New Revision: 301592 URL: https://svnweb.freebsd.org/changeset/base/301592 Log: Don't leak addrinfo if ai->ai_addrlen <= minsiz test fails. If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo() does not get called to free the memory just allocated by getaddrinfo(). Fix by moving ai->ai_addrlen <= minsiz to a separate nested if block, and keep freeaddrinfo() in the outer block so that freeaddrinfo() will be called whenever getaddrinfo() succeeds. Reported by: Coverity CID: 1273652 Reviewed by: ume MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D6756 Modified: head/lib/libc/resolv/res_init.c Modified: head/lib/libc/resolv/res_init.c ============================================================================== --- head/lib/libc/resolv/res_init.c Wed Jun 8 09:36:07 2016 (r301591) +++ head/lib/libc/resolv/res_init.c Wed Jun 8 09:40:06 2016 (r301592) @@ -411,20 +411,21 @@ __res_vinit(res_state statp, int preinit hints.ai_socktype = SOCK_DGRAM; /*dummy*/ hints.ai_flags = AI_NUMERICHOST; sprintf(sbuf, "%u", NAMESERVER_PORT); - if (getaddrinfo(cp, sbuf, &hints, &ai) == 0 && - ai->ai_addrlen <= minsiz) { - if (statp->_u._ext.ext != NULL) { - memcpy(&statp->_u._ext.ext->nsaddrs[nserv], - ai->ai_addr, ai->ai_addrlen); + if (getaddrinfo(cp, sbuf, &hints, &ai) == 0) { + if (ai->ai_addrlen <= minsiz) { + if (statp->_u._ext.ext != NULL) { + memcpy(&statp->_u._ext.ext->nsaddrs[nserv], + ai->ai_addr, ai->ai_addrlen); + } + if (ai->ai_addrlen <= + sizeof(statp->nsaddr_list[nserv])) { + memcpy(&statp->nsaddr_list[nserv], + ai->ai_addr, ai->ai_addrlen); + } else + statp->nsaddr_list[nserv].sin_family = 0; + nserv++; } - if (ai->ai_addrlen <= - sizeof(statp->nsaddr_list[nserv])) { - memcpy(&statp->nsaddr_list[nserv], - ai->ai_addr, ai->ai_addrlen); - } else - statp->nsaddr_list[nserv].sin_family = 0; freeaddrinfo(ai); - nserv++; } } continue;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201606080940.u589e7kn052250>