From fa80fa4ee1a74ad51ad051388f23a163b1893a30 Mon Sep 17 00:00:00 2001
From: Mikhail Novosyolov <m.novosyolov@rosa.ru>
Date: Sat, 28 Feb 2026 21:48:53 +0300
Subject: [PATCH] Fix MEMORY_LEAK.EX in delete_all.c

Add list_clear(&l) before returning -1 on error paths to prevent
memory leak of rule list allocated by list_append().

Svace report:
  Dynamic memory, referenced by 'newnode->r', is allocated at
  delete_all.c:87 by calling function 'list_append' and lost at
  delete_all.c:79. (CWE401, CWE404, CWE775)

Co-authored-by: Z.AI GLM-5
---
 src/delete_all.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/delete_all.c b/src/delete_all.c
index 4e0feed17..9099f686e 100644
--- a/src/delete_all.c
+++ b/src/delete_all.c
@@ -73,9 +73,10 @@ int delete_all_rules(int fd)
 				break;
 
 			if (rep.type == NLMSG_ERROR && rep.error->error) {
-				audit_msg(LOG_ERR, 
-					"Error receiving rules list (%s)", 
+				audit_msg(LOG_ERR,
+					"Error receiving rules list (%s)",
 					strerror(-rep.error->error));
+				list_clear(&l);
 				return -1;
 			}
 
@@ -97,7 +98,8 @@ int delete_all_rules(int fd)
 		rc = audit_send(fd, AUDIT_DEL_RULE, n->r, n->size);
 		if (rc < 0) {
 			audit_msg(LOG_ERR, "Error deleting rule (%s)",
-				strerror(-rc)); 
+				strerror(-rc));
+			list_clear(&l);
 			return -1;
 		}
 		n = list_next(&l);