From 841e4aed2349046eb2c0b1375139c06569a93bd0 Mon Sep 17 00:00:00 2001
From: Martin Josefsson <gandalf@wlug.westbo.se>
Date: Fri, 2 May 2003 15:30:11 +0000
Subject: fix memory leak(s) in libiptc. Reverts the previous (wrong) patch. 
 (Martin Josefsson)

---
 libiptc/libiptc.c | 44 ++++++++++++++++++++++++++++----------------
 1 file changed, 28 insertions(+), 16 deletions(-)

(limited to 'libiptc/libiptc.c')

diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 55b708b8..fa735637 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -1,4 +1,4 @@
-/* Library which manipulates firewall rules.  Version $Revision: 1.35 $ */
+/* Library which manipulates firewall rules.  Version $Revision: 1.36 $ */
 
 /* Architecture of firewall rules is as follows:
  *
@@ -237,22 +237,26 @@ TC_INIT(const char *tablename)
 	if (sockfd != -1)
 		close(sockfd);
 
+	if (strlen(tablename) >= TABLE_MAXNAMELEN) {
+		errno = EINVAL;
+		return NULL;
+	}
+	
 	sockfd = socket(TC_AF, SOCK_RAW, IPPROTO_RAW);
 	if (sockfd < 0)
 		return NULL;
 
 	s = sizeof(info);
-	if (strlen(tablename) >= TABLE_MAXNAMELEN) {
-		errno = EINVAL;
-		return NULL;
-	}
+
 	strcpy(info.name, tablename);
 	if (getsockopt(sockfd, TC_IPPROTO, SO_GET_INFO, &info, &s) < 0)
 		return NULL;
 
 	if ((h = alloc_handle(info.name, info.size, info.num_entries))
-	    == NULL)
+	    == NULL) {
+		close(sockfd);
 		return NULL;
+	}
 
 /* Too hard --RR */
 #if 0
@@ -284,6 +288,7 @@ TC_INIT(const char *tablename)
 
 	if (getsockopt(sockfd, TC_IPPROTO, SO_GET_ENTRIES, &h->entries,
 		       &tmp) < 0) {
+		close(sockfd);
 		free(h);
 		return NULL;
 	}
@@ -292,6 +297,16 @@ TC_INIT(const char *tablename)
 	return h;
 }
 
+void
+TC_FREE(TC_HANDLE_T *h)
+{
+	close(sockfd);
+	if ((*h)->cache_chain_heads)
+		free((*h)->cache_chain_heads);
+	free(*h);
+	*h = NULL;
+}
+
 static inline int
 print_match(const STRUCT_ENTRY_MATCH *m)
 {
@@ -504,10 +519,8 @@ TC_NEXT_CHAIN(TC_HANDLE_T *handle)
 	(*handle)->cache_chain_iteration++;
 
 	if ((*handle)->cache_chain_iteration - (*handle)->cache_chain_heads
-	    == (*handle)->cache_num_chains) {
-		free((*handle)->cache_chain_heads);
+	    == (*handle)->cache_num_chains)
 		return NULL;
-	}
 
 	return (*handle)->cache_chain_iteration->name;
 }
@@ -1584,11 +1597,13 @@ TC_COMMIT(TC_HANDLE_T *handle)
 	STRUCT_REPLACE *repl;
 	STRUCT_COUNTERS_INFO *newcounters;
 	unsigned int i;
-	size_t counterlen
-		= sizeof(STRUCT_COUNTERS_INFO)
-		+ sizeof(STRUCT_COUNTERS) * (*handle)->new_number;
+	size_t counterlen;
 
 	CHECK(*handle);
+
+	counterlen = sizeof(STRUCT_COUNTERS_INFO)
+			+ sizeof(STRUCT_COUNTERS) * (*handle)->new_number;
+
 #if 0
 	TC_DUMP_ENTRIES(*handle);
 #endif
@@ -1715,10 +1730,7 @@ TC_COMMIT(TC_HANDLE_T *handle)
 	free(newcounters);
 
  finished:
-	if ((*handle)->cache_chain_heads)
-		free((*handle)->cache_chain_heads);
-	free(*handle);
-	*handle = NULL;
+	TC_FREE(handle);
 	return 1;
 }
 
-- 
cgit v1.2.3