config: fix realloc() error handling for "dhcpv6_raw" option

Check the return value from realloc() to avoid leaking memory.

Signed-off-by: David Härdeman <[email protected]>
Link: https://github.com/openwrt/odhcpd/pull/320
Signed-off-by: Álvaro Fernández Rojas <[email protected]>

diff --git a/src/config.c b/src/config.c
index 6a8796054c05d0e7393957fe682facdbb02178cc..53362b5bb1185f3c09446f1611fad3b5cb411f43 100644 (file)
--- a/src/config.c
+++ b/src/config.c
@@ -1417,8 +1417,15 @@ int config_parse_interface(void *data, size_t len, const char *name, bool overwr
                iface->dhcpv4_forcereconf = blobmsg_get_bool(c);
 
        if ((c = tb[IFACE_ATTR_DHCPV6_RAW])) {
-               iface->dhcpv6_raw_len = blobmsg_data_len(c) / 2;
-               iface->dhcpv6_raw = realloc(iface->dhcpv6_raw, iface->dhcpv6_raw_len);
+               void *tmp;
+               size_t opt_len = blobmsg_data_len(c) / 2;
+
+               tmp = realloc(iface->dhcpv6_raw, opt_len);
+               if (!tmp)
+                       goto err;
+
+               iface->dhcpv6_raw = tmp;
+               iface->dhcpv6_raw_len = opt_len;
                odhcpd_unhexlify(iface->dhcpv6_raw, iface->dhcpv6_raw_len, blobmsg_get_string(c));
        }