From b82d6ef70bb0a757631549cdc889f9b138da5f09 Mon Sep 17 00:00:00 2001 From: Olivier Houchard Date: Fri, 20 Mar 2020 14:26:32 +0100 Subject: [PATCH] BUG/MINOR: connections: Make sure we free the connection on failure. In connect_server(), make sure we properly free a newly created connection if we somehow fail, and it has not yet been attached to a conn_stream, or it would lead to a memory leak. This should appease coverity for backend.c, as reported in inssue #556. This should be backported to 2.1, 2.0 and 1.9 (cherry picked from commit c0caac2cc8f51c5802f0128a4ceb0c73ff601ead) [wt: minor ctx adjustment] Signed-off-by: Willy Tarreau --- src/backend.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/backend.c b/src/backend.c index 6e50a5c..8ca5123 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1407,13 +1407,18 @@ int connect_server(struct stream *s) } } - if (!srv_conn || !sockaddr_alloc(&srv_conn->dst)) + if (!srv_conn || !sockaddr_alloc(&srv_conn->dst)) { + if (srv_conn) + conn_free(srv_conn); return SF_ERR_RESOURCE; + } if (!(s->flags & SF_ADDR_SET)) { err = assign_server_address(s); - if (err != SRV_STATUS_OK) + if (err != SRV_STATUS_OK) { + conn_free(srv_conn); return SF_ERR_INTERNAL; + } } /* copy the target address into the connection */ @@ -1429,11 +1434,15 @@ int connect_server(struct stream *s) else if (obj_type(s->target) == OBJ_TYPE_PROXY) { /* proxies exclusively run on raw_sock right now */ conn_prepare(srv_conn, protocol_by_family(srv_conn->dst->ss_family), xprt_get(XPRT_RAW)); - if (!(srv_conn->ctrl)) + if (!(srv_conn->ctrl)) { + conn_free(srv_conn); return SF_ERR_INTERNAL; + } } - else + else { + conn_free(srv_conn); return SF_ERR_INTERNAL; /* how did we get there ? */ + } #if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation) if (!srv || -- 1.7.10.4