BUG/MINOR: http-act: Fix bugs on error path during parsing of return actions
This patch fixes memory leaks and a null pointer dereference found by coverity
on the error path when an HTTP return action is parsed. See issue #491.
No need to backport this patch except the HTT return action is backported too.
diff --git a/src/http_act.c b/src/http_act.c
index dc8c33d..a3dce68 100644
--- a/src/http_act.c
+++ b/src/http_act.c
@@ -2053,7 +2053,7 @@
cur_arg++;
if (!*args[cur_arg]) {
memprintf(err, "'%s' expects <status_code> as argument", args[cur_arg-1]);
- return ACT_RET_PRS_ERR;
+ goto error;
}
status = atol(args[cur_arg]);
if (status < 200 || status > 599) {
@@ -2436,18 +2436,20 @@
free(name);
if (fd >= 0)
close(fd);
- list_for_each_entry_safe(hdr, hdrb, hdrs, list) {
- LIST_DEL(&hdr->list);
- list_for_each_entry_safe(lf, lfb, &hdr->value, list) {
- LIST_DEL(&lf->list);
- release_sample_expr(lf->expr);
- free(lf->arg);
- free(lf);
+ if (hdrs) {
+ list_for_each_entry_safe(hdr, hdrb, hdrs, list) {
+ LIST_DEL(&hdr->list);
+ list_for_each_entry_safe(lf, lfb, &hdr->value, list) {
+ LIST_DEL(&lf->list);
+ release_sample_expr(lf->expr);
+ free(lf->arg);
+ free(lf);
+ }
+ free(hdr->name.ptr);
+ free(hdr);
}
- free(hdr->name.ptr);
- free(hdr);
+ free(hdrs);
}
- free(hdrs);
if (action == 3) {
list_for_each_entry_safe(lf, lfb, &rule->arg.http_return.body.fmt, list) {
LIST_DEL(&lf->list);