The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=0bd468ea3fe4f695e0a355becc1b4f5f5296402c
commit 0bd468ea3fe4f695e0a355becc1b4f5f5296402c Author: Kristof Provost <[email protected]> AuthorDate: 2022-04-07 06:35:12 +0000 Commit: Kristof Provost <[email protected]> CommitDate: 2022-04-07 12:51:52 +0000 pf: fix memory leak The nvlist is allocated in pf_keth_rule_to_nveth_rule(). There's no need to allocate one in the calling function. Especially not as we overwrite the pointer to the new nvlist with the one allocated by pf_keth_rule_to_nveth_rule(), leaking memory. Reported by: Coverity CID: 1476128 Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf_ioctl.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 22adc141846d..a8f9261111db 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2720,8 +2720,6 @@ DIOCGETETHRULES_error: free(nvlpacked, M_TEMP); nvlpacked = NULL; - nvl = nvlist_create(0); - rule = TAILQ_FIRST(rs->active.rules); while ((rule != NULL) && (rule->nr != nr)) rule = TAILQ_NEXT(rule, entries);
