@@ -54,11 +54,21 @@ alloc_buf_debug (size_t size, const char *file, int line)

 alloc_buf (size_t size)

 #endif

 {

+  struct buffer buf;

+

+  if (!buf_size_valid (size))

+    buf_size_error (size);

+  buf.capacity = (int)size;

+  buf.offset = 0;

+  buf.len = 0;

 #ifdef DMALLOC

-  return alloc_buf_gc_debug (size, NULL, file, line);

+  buf.data = openvpn_dmalloc (file, line, size);

 #else

-  return alloc_buf_gc (size, NULL);

+  buf.data = calloc (1, size);

 #endif

+  check_malloc_return(buf.data);

+

+  return buf;

 }

 struct buffer

@@ -515,11 +525,25 @@ string_alloc (const char *str, struct gc_arena *gc)

       const int n = strlen (str) + 1;

       char *ret;

+      if (gc) {

+#ifdef DMALLOC

+        ret = (char *) gc_malloc_debug (n, false, gc, file, line);

+#else

+        ret = (char *) gc_malloc (n, false, gc);

+#endif

+      } else {

+        /* If there are no garbage collector available, it's expected

+         * that the caller cleans up afterwards.  This is coherent with the

+         * earlier behaviour when gc_malloc() would be called with gc == NULL

+         */

 #ifdef DMALLOC

-      ret = (char *) gc_malloc_debug (n, false, gc, file, line);

+        ret = openvpn_dmalloc (file, line, n);

+        memset(ret, 0, n);

 #else

-      ret = (char *) gc_malloc (n, false, gc);

+        ret = calloc(1, n);

 #endif

+        check_malloc_return(ret);

+      }

       memcpy (ret, str, n);

       return ret;

     }

@@ -3012,7 +3012,7 @@ do_close_ifconfig_pool_persist (struct context *c)

 static void

 do_inherit_env (struct context *c, const struct env_set *src)

 {

-  c->c2.es = env_set_create (NULL);

+  c->c2.es = env_set_create (&c->c2.gc);

   c->c2.es_owned = true;

   env_set_inherit (c->c2.es, src);

 }

@@ -164,7 +164,7 @@ main (int argc, char *argv[])

 	  gc_init (&c.gc);

 	  /* initialize environmental variable store */

-	  c.es = env_set_create (NULL);

+	  c.es = env_set_create (&c.gc);

 #ifdef WIN32

 	  set_win_sys_path_via_env (c.es);

 #endif

@@ -4291,7 +4291,7 @@ add_option (struct options *options,

     {

       unsigned int netbits;

       char * ipv6_local;

-	

+

       VERIFY_PERMISSION (OPT_P_UP);

       if ( get_ipv6_addr( p[1], NULL, &netbits, &ipv6_local, msglevel ) &&

            ipv6_addr_safe( p[2] ) )

@@ -4301,6 +4301,11 @@ add_option (struct options *options,

 	      msg( msglevel, "ifconfig-ipv6: /netbits must be between 64 and 124, not '/%d'", netbits );

 	      goto err;

 	    }

+

+          if (options->ifconfig_ipv6_local)

+            /* explicitly ignoring this is a const char */

+            free ((char *) options->ifconfig_ipv6_local);

+

 	  options->ifconfig_ipv6_local = ipv6_local;

 	  options->ifconfig_ipv6_netbits = netbits;

 	  options->ifconfig_ipv6_remote = p[2];

@@ -566,7 +566,7 @@ pf_init_context (struct context *c)

         if (plugin_call (c->plugins, OPENVPN_PLUGIN_ENABLE_PF, NULL, NULL, c->c2.es) == OPENVPN_PLUGIN_FUNC_SUCCESS)

           {

             event_timeout_init (&c->c2.pf.reload, 1, now);

-            c->c2.pf.filename = string_alloc (pf_file, NULL);

+            c->c2.pf.filename = string_alloc (pf_file, &c->c2.gc);

             c->c2.pf.enabled = true;

 #ifdef ENABLE_DEBUG

             if (check_debug_level (D_PF_DEBUG))

@@ -83,6 +83,7 @@ set_common_name (struct tls_session *session, const char *common_name)

     }

   if (common_name)

     {

+      /* FIXME: Last alloc will never be freed */

       session->common_name = string_alloc (common_name, NULL);

 #ifdef ENABLE_PF

       {

@@ -703,6 +704,7 @@ man_def_auth_set_client_reason (struct tls_multi *multi, const char *client_reas

       multi->client_reason = NULL;

     }

   if (client_reason && strlen (client_reason))

+    /* FIXME: Last alloc will never be freed */

     multi->client_reason = string_alloc (client_reason, NULL);

 }