Fix long-standing memory leak as found by Jerry Nichols

bob	Cleartext-Password := "hello"
	Tunnel-Server-Endpoint := 1.2.3.4,
        Tunnel-Server-Endpoint := 1.2.3.5,
        Tunnel-Type            := 3,
        Tunnel-Server-Endpoint := 1.2.3.2,
        Tunnel-Medium-Type     := 1,
        Tunnel-Server-Endpoint := 1.2.3.1

Where there are multiple copies of
the same attribute with a := operator in the 'from' list, and the only
operators in the 'from' list are :=, then all the repeated attributes
after the first and before the last non-repeated attribute are lost. In
the example above that would result in the VALUE_PAIRS :

        Tunnel-Server-Endpoint := 1.2.3.5
        Tunnel-Server-Endpoint := 1.2.3.2

being orphaned.

diff --git a/src/main/valuepair.c b/src/main/valuepair.c
index 5e5011d..843589f 100644 (file)
--- a/src/main/valuepair.c
+++ b/src/main/valuepair.c
@@ -645,6 +645,7 @@ void pairxlatmove(REQUEST *req, VALUE_PAIR **to, VALUE_PAIR **from)
                                vp = found->next;
                                memcpy(found, i, sizeof(*found));
                                found->next = vp;
+                               tailfrom = i;
                                continue;
                        }
                        break;