git: 27c77f42ae74 - main - libpfctl: Improve error handling in pfctl_get_states()

Mon May 31 13:38:48 UTC 2021

The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=27c77f42ae7402c313deec47aa67a8a8e0889410

commit 27c77f42ae7402c313deec47aa67a8a8e0889410
Author:     Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2021-05-27 09:43:17 +0000
Commit:     Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-05-31 12:18:47 +0000

    libpfctl: Improve error handling in pfctl_get_states()
    
    Ensure that we always free nvlists and other allocated memory.
    
    Reviewed by:    scottl
    MFC after:      3 days
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D30493
---
 lib/libpfctl/libpfctl.c | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index ebc026800a1b..52cd0ed7f36c 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -731,9 +731,10 @@ int
 pfctl_get_states(int dev, struct pfctl_states *states)
 {
 	struct pfioc_nv		 nv;
-	nvlist_t		*nvl;
+	nvlist_t		*nvl = NULL;
 	const nvlist_t * const	*slist;
 	size_t			 found_count;
+	int			 error = 0;
 
 	bzero(states, sizeof(*states));
 	TAILQ_INIT(&states->states);
@@ -744,14 +745,14 @@ pfctl_get_states(int dev, struct pfctl_states *states)
 
 	for (;;) {
 		if (ioctl(dev, DIOCGETSTATESNV, &nv)) {
-			free(nv.data);
-			return (errno);
+			error = errno;
+			goto out;
 		}
 
 		nvl = nvlist_unpack(nv.data, nv.len, 0);
 		if (nvl == NULL) {
-			free(nv.data);
-			return (EIO);
+			error = EIO;
+			goto out;
 		}
 
 		states->count = nvlist_get_number(nvl, "count");
@@ -776,8 +777,10 @@ pfctl_get_states(int dev, struct pfctl_states *states)
 			nv.data = realloc(nv.data, new_size);
 			nv.size = new_size;
 
-			if (nv.data == NULL)
-				return (ENOMEM);
+			if (nv.data == NULL) {
+				error = ENOMEM;
+				goto out;
+			}
 			continue;
 		}
 
@@ -785,9 +788,8 @@ pfctl_get_states(int dev, struct pfctl_states *states)
 			struct pfctl_state *s = malloc(sizeof(*s));
 			if (s == NULL) {
 				pfctl_free_states(states);
-				nvlist_destroy(nvl);
-				free(nv.data);
-				return (ENOMEM);
+				error = ENOMEM;
+				goto out;
 			}
 
 			pf_nvstate_to_state(slist[i], s);
@@ -796,7 +798,11 @@ pfctl_get_states(int dev, struct pfctl_states *states)
 		break;
 	}
 
-	return (0);
+out:
+	nvlist_destroy(nvl);
+	free(nv.data);
+
+	return (error);
 }
 
 void
