Config parsing error paths can leak memory

stevegrubb · stevegrubb · commit ce9a71508a1e · 2026-01-28T22:22:17.000-05:00
When an unknown keyword is encountered, the function returns without freeing nv.values, which can leak memory on repeated parse attempts or reloads.
diff --git a/audisp/audispd-pconfig.c b/audisp/audispd-pconfig.c
@@ -245,11 +245,12 @@ int load_pconfig(plugin_conf_t *config, int dirfd, char *file)
 			audit_msg(LOG_ERR,
 				"Unknown keyword \"%s\" in line %d of %s",
 				nv.name, lineno, file);
+			nv_free(&nv);
 			fclose(f);
 			return 1;
 		}
 
-		/* Check number of options 
+		/* Check number of options
 		 * nv.nvalues is always >= 1, because that's the right part of a 'key = value' conf line
 		 */
 		const int noptions = nv.nvalues - 1;
@@ -258,13 +259,15 @@ int load_pconfig(plugin_conf_t *config, int dirfd, char *file)
 				"Keyword \"%s\" has invalid options "
 				"in line %d of %s",
 				nv.name, lineno, file);
+			nv_free(&nv);
 			fclose(f);
 			return 1;
 		}
 
 		/* dispatch to keyword's local parser */
 		rc = kw->parser(&nv, lineno, config);
 		if (rc != 0) {
+			nv_free(&nv);
 			fclose(f);
 			return 1; // local parser puts message out
 		}
