From 6f8f5de9637c2142a32ae0434b071b7a84ed90a6 Mon Sep 17 00:00:00 2001 From: claudio Date: Tue, 13 Jun 2023 08:45:41 +0000 Subject: [PATCH] Fix FILE leak in error path. If flowf is NULL then fclose(spif) must be called. Split up the error check from if (spif == NULL || flowf == NULL) to individual checks since that is easier to read. Noticed by markus@, OK tb@ --- sbin/iked/ikev2.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 8c6106509fe..dc641fafa31 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.368 2023/06/12 09:02:31 claudio Exp $ */ +/* $OpenBSD: ikev2.c,v 1.369 2023/06/13 08:45:41 claudio Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -6430,9 +6430,14 @@ ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) int ret = -1; spif = open_memstream(&spibuf, &spisz); + if (spif == NULL) { + log_warn("%s", __func__); + return (ret); + } flowf = open_memstream(&flowbuf, &flowsz); - if (spif == NULL || flowf == NULL) { + if (flowf == NULL) { log_warn("%s", __func__); + fclose(spif); return (ret); } -- 2.20.1