diff options
author | glebius <glebius@FreeBSD.org> | 2006-01-14 12:16:39 +0000 |
---|---|---|
committer | glebius <glebius@FreeBSD.org> | 2006-01-14 12:16:39 +0000 |
commit | 5ef919b3b495651dba3441437b4aac93aec228ed (patch) | |
tree | 89483fba5cdffff6f085b51e299b05abb8b3a895 | |
parent | c3a7d3e5b2aaba4615dfe7627799169f8c59fb9a (diff) | |
download | FreeBSD-src-5ef919b3b495651dba3441437b4aac93aec228ed.zip FreeBSD-src-5ef919b3b495651dba3441437b4aac93aec228ed.tar.gz |
Fix two memory leakages.
Found with: Coverity Prevent(tm)
-rw-r--r-- | sys/netgraph/ng_parse.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/sys/netgraph/ng_parse.c b/sys/netgraph/ng_parse.c index 0687937..5ec271d 100644 --- a/sys/netgraph/ng_parse.c +++ b/sys/netgraph/ng_parse.c @@ -46,6 +46,7 @@ #include <sys/systm.h> #include <sys/kernel.h> #include <sys/errno.h> +#include <sys/limits.h> #include <sys/malloc.h> #include <sys/mbuf.h> #include <sys/ctype.h> @@ -799,10 +800,10 @@ ng_fixedstring_parse(const struct ng_parse_type *type, int len; int slen; - if ((sval = ng_get_string_token(s, off, &len, &slen)) == NULL) - return (EINVAL); if (slen + 1 > fi->bufSize) return (E2BIG); + if ((sval = ng_get_string_token(s, off, &len, &slen)) == NULL) + return (EINVAL); *off += len; bcopy(sval, buf, slen); FREE(sval, M_NETGRAPH_PARSE); @@ -900,9 +901,9 @@ ng_sizedstring_parse(const struct ng_parse_type *type, int len; int slen; - if ((sval = ng_get_string_token(s, off, &len, &slen)) == NULL) + if (slen > USHRT_MAX) return (EINVAL); - if (slen > 0xffff) + if ((sval = ng_get_string_token(s, off, &len, &slen)) == NULL) return (EINVAL); *off += len; *((u_int16_t *)buf) = (u_int16_t)slen; |