As the subject says this diff fixes a few leaks in the config parser.
ok?
Index: parse.y
===================================================================
RCS file: /cvs/src/sbin/iked/parse.y,v
retrieving revision 1.83
diff -u -p -u -r1.83 parse.y
--- parse.y 26 Aug 2019 16:41:08 -0000 1.83
+++ parse.y 25 Sep 2019 19:28:24 -0000
@@ -354,10 +354,13 @@ int get_id_type(char *);
uint8_t x2i(unsigned char *);
int parsekey(unsigned char *, size_t, struct iked_auth *);
int parsekeyfile(char *, struct iked_auth *);
+void iaw_free(struct ipsec_addr_wrap *);
struct ipsec_transforms *ipsec_transforms;
struct ipsec_filters *ipsec_filters;
struct ipsec_mode *ipsec_mode;
+/* interface lookup routintes */
+struct ipsec_addr_wrap *iftab;
typedef struct {
union {
@@ -1630,6 +1633,9 @@ parse_config(const char *filename, struc
free(sym);
}
+ iaw_free(iftab);
+ iftab = NULL;
+
return (errors ? -1 : 0);
}
@@ -2184,10 +2190,6 @@ host_any(void)
return (ipa);
}
-/* interface lookup routintes */
-
-struct ipsec_addr_wrap *iftab;
-
void
ifa_load(void)
{
@@ -3040,7 +3042,22 @@ done:
free(p->prop_xforms);
free(p);
}
-
+ if (peers) {
+ if (peers->src)
+ iaw_free(peers->src);
+ if (peers->dst)
+ iaw_free(peers->dst);
+ /* peers is static, cannot be freed */
+ }
+ if (hosts) {
+ if (hosts->src)
+ iaw_free(hosts->src);
+ if (hosts->dst)
+ iaw_free(hosts->dst);
+ free(hosts);
+ }
+ if (ikecfg)
+ iaw_free(ikecfg);
return (ret);
}
@@ -3066,4 +3083,21 @@ create_user(const char *user, const char
rules++;
return (0);
+}
+
+void
+iaw_free(struct ipsec_addr_wrap *head)
+{
+ struct ipsec_addr_wrap *n, *cur;
+
+ for (n = head; n; ) {
+ cur = n;
+ n = n->next;
+ if (cur->srcnat) {
+ free(cur->srcnat->name);
+ free(cur->srcnat);
+ }
+ free(cur->name);
+ free(cur);
+ }
}
