bin/53371: Potential memory leak in usr.sbin/ndp/ndp.c

[thomas.barabosch%fkie.fraunhofer.de@localhost]

>Number:         53371
>Category:       bin
>Synopsis:       Potential memory leak in usr.sbin/ndp/ndp.c
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jun 16 11:40:00 +0000 2018
>Originator:     Thomas Barabosch
>Release:        7.1.2
>Organization:
Fraunhofer FKIE
>Environment:
>Description:
According to getaddrinfo.3, we must deallocate the data received by getaddrinfo with freeaddrinfo. However, this is no done in ndp.c. There are three calls to getaddrinfo, but none to freeaddrinfo. Hence, we are leaking memory, though this should not be that critical in this case. Nevertheless, to use the libraries calls correctly, I've drafted a patch to add the missing calls. I've added the calls as soon as possible, I hope that is OK this way. Alternatively, we could free the memory at the very end of the corresponding functions...
>How-To-Repeat:

>Fix:
--- usr.sbin/ndp/ndp.c	2018-05-14 00:00:49.708718130 +0200
+++ usr.sbin/ndp/ndp.c.patched	2018-06-16 13:33:04.183277142 +0200
@@ -376,6 +376,7 @@
 		return 1;
 	}
 	makeaddr(mysin, res->ai_addr);
+	freeaddrinfo(res);
 	ea = (u_char *)LLADDR(&sdl_m);
 	if (ndp_ether_aton(eaddr, ea) == 0)
 		sdl_m.sdl_alen = 6;
@@ -441,6 +442,7 @@
 		return;
 	}
 	makeaddr(mysin, res->ai_addr);
+	freeaddrinfo(res);
 	do_foreach(&mysin->sin6_addr, host, 0);
 	if (found_entry == 0) {
 		(void)getnameinfo((struct sockaddr *)(void *)mysin,
@@ -467,6 +469,7 @@
 		return;
 	}
 	makeaddr(mysin, res->ai_addr);
+	freeaddrinfo(res);
 	do_foreach(&mysin->sin6_addr, host, NDP_F_DELETE);
 }