diff mbox series

[Openvpn-devel,v2] dns: Fix memory leak in dns_server_addr_parse

Message ID 20260618061835.16448-1-gert@greenie.muc.de
State New
Headers
Series [Openvpn-devel,v2] dns: Fix memory leak in dns_server_addr_parse |

Commit Message

Gert Doering June 18, 2026, 6:18 a.m. UTC 
  From: saddamr3e <saddamr3e@gmail.com>

When the DNS server's address count is already full (exceeds the
limit of 8), the function returned early without freeing the
successfully resolved addrinfo struct. Fix this by checking the
limit before executing the DNS lookup.

Github: OpenVPN/openvpn#1055
Change-Id: I7ec318c86af994284d1c6272e3bbe2b1ede160fd
Signed-off-by: saddamr3e <saddamr3e@gmail.com>
Acked-by: Heiko Hund <heiko@openvpn.net>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1712
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1712
This mail reflects revision 2 of this Change.

Acked-by according to Gerrit (reflected above):
Heiko Hund <heiko@openvpn.net>
diff mbox series

Patch

diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c
index 954ed52..1465cdf 100644
--- a/src/openvpn/dns.c
+++ b/src/openvpn/dns.c
@@ -114,13 +114,13 @@ 
         addr = addrcopy;
     }
 
-    struct addrinfo *ai = NULL;
-    if (openvpn_getaddrinfo(0, addr, NULL, 0, NULL, af, &ai) != 0)
+    if (server->addr_count >= SIZE(server->addr))
     {
         return false;
     }
 
-    if (server->addr_count >= SIZE(server->addr))
+    struct addrinfo *ai = NULL;
+    if (openvpn_getaddrinfo(0, addr, NULL, 0, NULL, af, &ai) != 0)
     {
         return false;
     }