Fix memory leak possible in error case.

Use free_rule() instead of free(), it will also release memory allocated for rule counters. Obtained from: Yandex LLC Sponsored by: Yandex LLC
author: ae <ae@FreeBSD.org> 2016-05-11 10:04:32 +0000
committer: ae <ae@FreeBSD.org> 2016-05-11 10:04:32 +0000
commit: ae12c4ca15f8e83257d28cff10c3117cfbdba59c (patch)
tree: 1b86a8af5e8bd18be4aeb9331e1f01b12571e49d /sys/netpfil/ipfw
parent: 6517c9db491c33980f1ce202e5363102be7bf7d0 (diff)
download: FreeBSD-src-ae12c4ca15f8e83257d28cff10c3117cfbdba59c.zip
FreeBSD-src-ae12c4ca15f8e83257d28cff10c3117cfbdba59c.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c
index 2f41d23..c183dfc 100644
--- a/sys/netpfil/ipfw/ip_fw_sockopt.c
+++ b/sys/netpfil/ipfw/ip_fw_sockopt.c
@@ -2751,7 +2751,7 @@ add_rules(struct ip_fw_chain *chain, ip_fw3_opheader *op3,
 	if ((error = commit_rules(chain, cbuf, rtlv->count)) != 0) {
 		/* Free allocate krules */
 		for (i = 0, ci = cbuf; i < rtlv->count; i++, ci++)
-			free(ci->krule, M_IPFW);
+			free_rule(ci->krule);
 	}
 
 	if (cbuf != NULL && cbuf != &rci)
@@ -3574,7 +3574,9 @@ ipfw_ctl(struct sockopt *sopt)
 			ci.krule = krule;
 			import_rule0(&ci);
 			error = commit_rules(chain, &ci, 1);
-			if (!error && sopt->sopt_dir == SOPT_GET) {
+			if (error != 0)
+				free_rule(ci.krule);
+			else if (sopt->sopt_dir == SOPT_GET) {
 				if (is7) {
 					error = convert_rule_to_7(rule);
 					size = RULESIZE7(rule);
author	ae <ae@FreeBSD.org>	2016-05-11 10:04:32 +0000
committer	ae <ae@FreeBSD.org>	2016-05-11 10:04:32 +0000
commit	ae12c4ca15f8e83257d28cff10c3117cfbdba59c (patch)
tree	1b86a8af5e8bd18be4aeb9331e1f01b12571e49d /sys/netpfil/ipfw
parent	6517c9db491c33980f1ce202e5363102be7bf7d0 (diff)
download	FreeBSD-src-ae12c4ca15f8e83257d28cff10c3117cfbdba59c.zip FreeBSD-src-ae12c4ca15f8e83257d28cff10c3117cfbdba59c.tar.gz