From 613ff9a6ce9e4a045e7e250e47d8fe0ffa6d10a2 Mon Sep 17 00:00:00 2001 From: tobhe Date: Sun, 31 Jan 2021 17:15:38 +0000 Subject: [PATCH] Don't leak flows if ikev2_cp_fixflow() fails. ok patrick@ --- sbin/iked/ikev2.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 94b6c6af415..1d7a63d2b9d 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.298 2021/01/23 21:35:48 tobhe Exp $ */ +/* $OpenBSD: ikev2.c,v 1.299 2021/01/31 17:15:38 tobhe Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -5929,8 +5929,10 @@ ikev2_childsa_negotiate(struct iked *env, struct iked_sa *sa, flowa->flow_local = &sa->sa_local; flowa->flow_peer = &sa->sa_peer; flowa->flow_ikesa = sa; - if (ikev2_cp_fixflow(sa, flow, flowa) == -1) + if (ikev2_cp_fixflow(sa, flow, flowa) == -1) { + flow_free(flowa); continue; + } skip = 0; TAILQ_FOREACH(saflow, &sa->sa_flows, flow_entry) { @@ -5957,8 +5959,11 @@ ikev2_childsa_negotiate(struct iked *env, struct iked_sa *sa, sizeof(flow->flow_dst)); memcpy(&flowb->flow_dst, &flow->flow_src, sizeof(flow->flow_src)); - if (ikev2_cp_fixflow(sa, flow, flowb) == -1) + if (ikev2_cp_fixflow(sa, flow, flowb) == -1) { + flow_free(flowa); + flow_free(flowb); continue; + } TAILQ_INSERT_TAIL(&sa->sa_flows, flowa, flow_entry); TAILQ_INSERT_TAIL(&sa->sa_flows, flowb, flow_entry); -- 2.20.1