From 84e21d478c3f732dd8bef216dc93a95cd1c84e98 Mon Sep 17 00:00:00 2001
From: "Roger A. Light" <roger@atchoo.org>
Date: Fri, 3 Mar 2023 22:10:31 +0000
Subject: [PATCH] Fuzzing: Fix use after free.

This occurs only in case of a bad config, and only when the broker is
already exiting.

Closes oss-fuzz #56009.
---
 src/conf.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/conf.c b/src/conf.c
index f314aa82..01fdfc42 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -2459,11 +2459,10 @@ static int config__read_file_core(struct mosquitto__config *config, bool reload,
 						return MOSQ_ERR_NOMEM;
 					}
 					ws_origins[cur_listener->ws_origin_count] = NULL;
+					cur_listener->ws_origins = ws_origins;
 					if(conf__parse_string(&token, "websockets_origin", &ws_origins[cur_listener->ws_origin_count], &saveptr)){
-						mosquitto__FREE(ws_origins);
 						return MOSQ_ERR_INVAL;
 					}
-					cur_listener->ws_origins = ws_origins;
 					cur_listener->ws_origin_count++;
 #  else
 					log__printf(NULL, MOSQ_LOG_WARNING, "Warning: websockets_origin support not available, libwebsockets version is too old.");