From 9ea6db38896656f64499db62293dc15492206d71 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Tue, 28 May 2019 15:45:37 +0200
Subject: [PATCH] pool: don't call Cleanup after failed Init

Stream reassembly memcap is regulated by the Init and Cleanup
callbacks. If Init fails due to memcap reached, Cleanup had no
way of knowing and it would decrease the memcap even if it hadn't
been increased by Init. This could lead to too much memory use and
memcap counter underflow.

This patch fixes the issue by not calling Cleanup in this case. It's
fair to see a failed Init the responsibility of Init.
---
 src/util-pool.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/util-pool.c b/src/util-pool.c
index c88cc847cb..ce55645d82 100644
--- a/src/util-pool.c
+++ b/src/util-pool.c
@@ -171,8 +171,6 @@ Pool *PoolInit(uint32_t size, uint32_t prealloc_size, uint32_t elt_size,
             }
             if (p->Init(pb->data, p->InitData) != 1) {
                 SCLogError(SC_ERR_POOL_INIT, "init error");
-                if (p->Cleanup)
-                    p->Cleanup(pb->data);
                 if (p->Free)
                     p->Free(pb->data);
                 else
@@ -195,8 +193,6 @@ Pool *PoolInit(uint32_t size, uint32_t prealloc_size, uint32_t elt_size,
             pb->data = (char *)p->data_buffer + u32 * elt_size;
             if (p->Init(pb->data, p->InitData) != 1) {
                 SCLogError(SC_ERR_POOL_INIT, "init error");
-                if (p->Cleanup)
-                    p->Cleanup(pb->data);
                 pb->data = NULL;
                 goto error;
             }
@@ -303,8 +299,6 @@ void *PoolGet(Pool *p)
 
             if (pitem != NULL) {
                 if (p->Init(pitem, p->InitData) != 1) {
-                    if (p->Cleanup)
-                        p->Cleanup(pitem);
                     if (p->Free != NULL)
                         p->Free(pitem);
                     else