From a4f27d96c6be56806aa493f72718aea3c1e28a85 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Sun, 26 Apr 2026 23:49:35 +0200
Subject: [PATCH] BUG/MINOR: sample: fix memory leak in check_when_cond() when
 ACL is not found

When find_acl_by_name() and find_acl_default() both fail when parsing
converter "when(ACL,foo)", the previously allocated acl_sample struct
is leaked. Free it before returning 0. This can be backported to stable
versions.
---
 src/sample.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/sample.c b/src/sample.c
index 80cd93008..b6ec6ec77 100644
--- a/src/sample.c
+++ b/src/sample.c
@@ -4114,6 +4114,7 @@ static int check_when_cond(struct arg *args, struct sample_conv *conv,
 		if (!(acl_sample->terms[0].acl = find_acl_by_name(args[1].data.str.area, &curproxy->acl)) &&
 		    !(acl_sample->terms[0].acl = find_acl_default(args[1].data.str.area, &curproxy->acl, err, NULL, NULL, 0))) {
 			memprintf(err, "ACL '%s' not found", args[1].data.str.area);
+			free(acl_sample);
 			return 0;
 		}