From f24804f4017708832f661cb58e922f832fbf5234 Mon Sep 17 00:00:00 2001 From: Nigel Kukard Date: Wed, 30 Aug 2017 08:27:15 +0000 Subject: [PATCH] bgpd: Fixed potential memory leak if additive is false in normal communities The else portion of the IF dups the community, but doesn't free old Signed-off-by: Nigel Kukard --- bgpd/bgp_routemap.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index d44ae1d1ea..f5ee4fe897 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -1493,18 +1493,19 @@ static route_map_result_t route_set_community(void *rule, struct prefix *prefix, if (rcs->additive && old) { merge = community_merge(community_dup(old), rcs->com); - /* HACK: if the old community is not intern'd, - * we should free it here, or all reference to it may be - * lost. - * Really need to cleanup attribute caching sometime. - */ - if (old->refcnt == 0) - community_free(old); new = community_uniq_sort(merge); community_free(merge); } else new = community_dup(rcs->com); + /* HACK: if the old community is not intern'd, + * we should free it here, or all reference to it may be + * lost. + * Really need to cleanup attribute caching sometime. + */ + if (old && old->refcnt == 0) + community_free(old); + /* will be interned by caller if required */ attr->community = new; -- 2.39.5