From 98026b3e3a1ab98cab6c7e61fca1f04340fad47c Mon Sep 17 00:00:00 2001
From: =?utf8?q?Paul=20H=C3=A4nsch?= <paul@plutz.net>
Date: Mon, 16 Mar 2026 20:26:15 +0100
Subject: [PATCH] bugfix: free new object properly when connection fails
 (js_free was called at the wrong point)

---
 socket.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/socket.c b/socket.c
index cca14f4..341474c 100644
--- a/socket.c
+++ b/socket.c
@@ -393,7 +393,7 @@ static int net_ip_listen(SocketData *so, int type) {
     && !bind(so->fd, (struct sockaddr *) &(so->bind), sizeof(so->bind))
     && !sock_set_timeout(so, net_timeout)
     && (type == SOCK_DGRAM || !listen(so->fd, 1))
-  ){
+  ) {
     so->type = type;
     return 0;
   } else {
@@ -420,11 +420,11 @@ static JSValue js_net_ip_listen(
   ) {
     JS_SetOpaque(new, data);
   } else {
+    JS_FreeValue(ctx, new);
     if (!data) new = JS_EXCEPTION;
     else if (!gai_err) new = libc_error(ctx);
     else new = JS_ThrowInternalError(ctx, "%s", gai_strerror(gai_err));
     js_free(ctx, data);
-    JS_FreeValue(ctx, new);
   }
   JS_FreeCString(ctx, host); JS_FreeCString(ctx, port);
 
@@ -467,11 +467,11 @@ static JSValue js_net_ip_connect(
   ) {
     JS_SetOpaque(new, data);
   } else {
+    JS_FreeValue(ctx, new);
     if (!data) new = JS_EXCEPTION;
     else if (!gai_err) new = libc_error(ctx);
     else new = JS_ThrowInternalError(ctx, "%s", gai_strerror(gai_err));
     js_free(ctx, data);
-    JS_FreeValue(ctx, new);
   }
   JS_FreeCString(ctx, host); JS_FreeCString(ctx, port);
 
@@ -507,30 +507,31 @@ static int net_unix_bind(SocketData *so, const char *path, size_t plen, int con)
   }
 }
 
+
 static JSValue js_net_unix_bind(
   JSContext *ctx, JSValueConst this, int argc, JSValueConst *argv, int c
 ) {
   SocketData *data = js_mallocz(ctx, sizeof(*data));
   JSValue new = JS_NewObjectClass(ctx, socket_cid);
   const char *path; size_t plen;
-  struct sockaddr_un * addr;
+  const size_t l_sun_path = sizeof( ((struct sockaddr_un){}).sun_path );
 
   path = JS_ToCStringLen(ctx, &plen, argv[0]);
 
-  if ( data && (plen < sizeof(addr->sun_path))
+  if ( data && (plen < l_sun_path )
     && !net_unix_bind(data, path, plen, c)
   ) {
     JS_SetOpaque(new, data);
   } else {
+    JS_FreeValue(ctx, new);
     if (!data) {
       new = JS_EXCEPTION;
-    } else if (plen < sizeof(addr->sun_path)) {
+    } else if (plen < l_sun_path) {
       new = libc_error(ctx);
     } else new = JS_ThrowRangeError(
-      ctx, "pathname too long (>= %lu bytes)", sizeof(addr->sun_path)
+      ctx, "pathname too long (>= %lu bytes)", l_sun_path
     );
     js_free(ctx, data);
-    JS_FreeValue(ctx, new);
   }
   JS_FreeCString(ctx, path);
 
@@ -569,8 +570,8 @@ static const JSCFunctionListEntry net_funcs[] = {
 
   // XXX: How does one use a get/set property in a module provided object?
   // JS_CGETSET_DEF("timeout", net_get_timeout, net_set_timeout),
-  JS_CFUNC_DEF("setConnectTimeout", 1, net_set_timeout),
-  JS_CFUNC_DEF("getConnectTimeout", 1, net_get_timeout),
+  JS_CFUNC_DEF("setTimeout", 1, net_set_timeout),
+  JS_CFUNC_DEF("getTimeout", 1, net_get_timeout),
 };
 
 static int sock_modinit(JSContext *ctx, JSModuleDef *mod ) {
-- 
2.39.5