Strengthen against resource leaks upon exceptions.

* glob.c (glob_wrap): Perform argument conversions
that might throw before allocating UTF-8 string.

* parser.y (text): In the action for SPACE, the lexeme
is not needed so free($1) right away. If regex_compile
were to throw an exception, that lexeme will leak.

* socket.c (getaddrinfo_wrap): Harden against leakage of
node_u8 and service_u8 strings with an unwind block.
For instance, the hints structure could contain
bad values which cause addrinfo_in to throw.

* stream.c (make_string_byte_input_stream): Perform
possibly throwing argument conversions before allocating
resources.

* sysif.c (mkdir_wrap, mknod_wrap, chmod_wrap, symlink_wrap,
link_wrap, setenv_wrap, crypt_wrap): Likewise.

* syslog.c (openlog_wrap, syslog_wrapv): Likewise.

1 files changed, 9 insertions, 3 deletions

diff --git a/socket.c b/socket.c
index 5871632e..9b50959b 100644
--- a/socket.c
+++ b/socket.c
@@ -174,9 +174,11 @@ static val getaddrinfo_wrap(val node_in, val service_in, val hints_in)
   char *service_u8 = stringp(service) ? utf8_dup_to(c_str(service)) : 0;
   val node_num_p = integerp(node);
   val svc_num_p = integerp(service);
-  int res;
+  int res = 0;
   list_collect_decl (out, ptail);
 
+  uw_simple_catch_begin;
+
   if (hints) {
     memset(&hints_ai, 0, sizeof hints_ai);
     addrinfo_in(&hints_ai, hints);
@@ -184,8 +186,12 @@ static val getaddrinfo_wrap(val node_in, val service_in, val hints_in)
 
   res = getaddrinfo(node_u8, service_u8, phints, &alist);
 
-  free(node_u8);
-  free(service_u8);
+  uw_unwind {
+    free(node_u8);
+    free(service_u8);
+  }
+
+  uw_catch_end;
 
   if (res == 0) {
     for (aiter = alist; aiter; aiter = aiter->ai_next) {