commit 2a3c7d42fe7fd7fa34f4567b01a424ca9bdfa96b
from: Stefan Sperling <stsp@stsp.name>
date: Thu Aug 29 12:48:29 2024 UTC

preserve original pointer during realloc() and free on error return

found by codechecker

commit - d67e0bc072ee69d887db85a6d9173b69f3b4b0d6
commit + 2a3c7d42fe7fd7fa34f4567b01a424ca9bdfa96b
blob - 12cb1e03490fef9efe69c70e044d33107b0acec6
blob + f7a4894fad49fd38fff8170838f30e64bf03924c
--- ndp.c
+++ ndp.c
@@ -379,6 +379,7 @@ ndpdump(struct sockaddr_in6 *addr, int cflag)
 	mib[5] = RTF_LLINFO;
 	mib[6] = cli_rtable;
 	while (1) {
+		char *p;
 		if (sysctl(mib, 7, NULL, &needed, NULL, 0) == -1) {
 			printf("%% sysctl(PF_ROUTE estimate): %s\n",
 			    strerror(errno));
@@ -386,15 +387,18 @@ ndpdump(struct sockaddr_in6 *addr, int cflag)
 		}
 		if (needed == 0)
 			break;
-		if ((buf = realloc(buf, needed)) == NULL) {
+		if ((p = realloc(buf, needed)) == NULL) {
 			printf("%% realloc: %s\n", strerror(errno));
+			free(buf);
 			return;
 		}
+		buf = p;
 		if (sysctl(mib, 7, buf, &needed, NULL, 0) == -1) {
 			if (errno == ENOMEM)
 				continue;
 			printf("%% sysctl(PF_ROUTE, NET_RT_FLAGS): %s\n",
 			    strerror(errno));
+			free(buf);
 			return;
 		}
 		lim = buf + needed;