upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-05-21 09:25:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

BUG/MINOR: tools: fix memory leak in env_expand() error path

Browse source 
When my_realloc2() fails in env_expand(), the code jumps to 'leave:' and
returns NULL, but the original input 'in' is never freed (it's only freed
at line 4919 in the success case). Given that callers typically pass it
the direct return of strdup(), it looks like it is expected to always be
freed. This can be backported everywhere.
This commit is contained in:
Willy Tarreau 2026-05-11 15:04:19 +02:00
parent cbdbc96e36
commit 0995c914bd
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/tools.c
View file

@ -4900,8 +4900,10 @@ char *env_expand(char *in)
}
out = my_realloc2(out, out_len + (txt_end - txt_beg) + val_len + 1);
if (!out)
if (!out) {
free(in);
goto leave;
}
if (txt_end > txt_beg) {
memcpy(out + out_len, txt_beg, txt_end - txt_beg);