Fix memory leak in daemon_unpackapplyfilter() error paths#1640
Fix memory leak in daemon_unpackapplyfilter() error paths#1640nidu-ninja wants to merge 1 commit intothe-tcpdump-group:masterfrom
Conversation
|
Please put the commit message into the commit rather than request description and keep the existing indentation style. |
nidu-ninja
force-pushed
the
rpcapd-error-path-leak
branch
from
7b563c7 to
b76ffe6
Compare
|
For reference, this problem has been known as Coverity CID 1641537. |
| static int | ||
| daemon_unpackapplyfilter(PCAP_SOCKET sockctrl, SSL *ctrl_ssl, struct session *session, uint32_t *plenp, char *errmsgbuf) | ||
| { | ||
| int status; |
There was a problem hiding this comment.
As @infrastation said, please don't change the indentation style - it makes it difficult to see what the real changes are.
|
Avoid merge, use rebase on top of master. |
nidu-ninja
force-pushed
the
rpcapd-error-path-leak
branch
from
7dc5fea to
d78dff8
Compare
| (EOA) as of December 31, 2017 | ||
| Make pcap_compile() error messages more uniform and consistent. | ||
| Deprecate pcap_compile_nopcap(). | ||
| Deprecate bpf_filter(). |
There was a problem hiding this comment.
That's a change for 1.10.7, not 1.11.0.
| Fix DECnet packet filtering on big-endian hosts. | ||
| Fix various failures to reject invalid DECnet primitives. | ||
| Require "vpi" and "vci" values to be within valid ranges. | ||
| Initialize the scratch memory store to 0. |
There was a problem hiding this comment.
This is the only change that you should be making to the CHANGES file.
| In "gateway" negate the host(s), but not the protocol. | ||
| Reject "gateway" within MPLS, VXLAN or Geneve. | ||
| In "net <n> mask <m>" catch ENOMEM for the "m" too. | ||
| Match both byte orders for the AF_ value when filtering DLT_NULL |
| Discuss Linux BPF extensions in the man pages. | ||
| Note endianness in pcap_compile(3PCAP) and pcap_lookupnet(3PCAP). | ||
| man: Document devices, interfaces and "any" better. | ||
| Remove list of OSes that support "ipv6-icmp"; all the ones we |
There was a problem hiding this comment.
This is another 1.10.7 change that should not be added here.
| Remove list of OSes that support "ipv6-icmp"; all the ones we | ||
| support appear to do so. | ||
| Add a README.qnx.md file. | ||
| Improve dcumentation of TLS supprt in rpcapd man page. |
There was a problem hiding this comment.
Don't remove existing CHANGES entries.
| QNX: | ||
| Disable zero-copy BPF to work around portability issues. | ||
| Use "unix.h" instead of the missing <sysexits.h>. | ||
| RDMA: |
There was a problem hiding this comment.
Don't remove existing CHANGES entries and don't remove the 1.10.7 set of changes.
|
It appears that you don't have the current version of the CHANGES file as the baseline for your change. Please fix that. |
|
Whitespaces change problem. Please fix. |
nidu-ninja
force-pushed
the
rpcapd-error-path-leak
branch
2 times, most recently
from
fdbdd17 to
6480125
Compare
|
After the clean-ups the code makes much more sense, thank you. Please wrap the commit message to 72 characters, also there is no need to state the obvious ("Keep existing daemon.c indentation style and make only the relevant CHANGES entry for this fix"). |
It wasn't freed on any return paths, ao it would leak memory even on success (when So it should say
|
|
And the second paragraph just gives the details of how the leak was fixed; it can either be removed or changed to be
|
Fix a memory leak in daemon_unpackapplyfilter() where dynamically allocated BPF instruction memory was not freed before returning. Reported as Coverity CID 1641537.
nidu-ninja
force-pushed
the
rpcapd-error-path-leak
branch
from
6480125 to
8ef2fa3
Compare
4 participants
Fix a memory leak in daemon_unpackapplyfilter() where dynamically
allocated BPF instruction memory was not freed on early-return
error paths.
This change introduces a structured cleanup block to ensure
allocated memory is released when instruction reception,
validation, or filter application fails.