From e21bcbfbb97e611477f5847d96ad0896f78096fa Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Tue, 3 Oct 2023 08:50:47 +1030
Subject: [PATCH] channeld: fix memleak when inflights is NULL.

In this case, we were allocating off NULL, which meant a leak:

```
 MEMLEAK: 0x565086722e98
   label=channeld/channeld.c:3433:struct inflight
   backtrace:
     ccan/ccan/tal/tal.c:477 (tal_alloc_)
     channeld/channeld.c:3433 (inflights_new)
     channeld/channeld.c:3573 (splice_accepter)
     channeld/channeld.c:4145 (peer_in)
     channeld/channeld.c:6051 (main)
   parents:
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---
 channeld/channeld.c | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/channeld/channeld.c b/channeld/channeld.c
index 556062d4f..0d05edc90 100644
--- a/channeld/channeld.c
+++ b/channeld/channeld.c
@@ -3430,17 +3430,14 @@ static void resume_splice_negotiation(struct peer *peer,
 
 static struct inflight *inflights_new(struct peer *peer)
 {
-	struct inflight *inf = tal(peer->splice_state->inflights,
-				   struct inflight);
-	int i = tal_count(peer->splice_state->inflights);
+	struct inflight *inf;
 
-	if (i)
-		tal_resize(&peer->splice_state->inflights, i + 1);
-	else
+	if (!peer->splice_state->inflights)
 		peer->splice_state->inflights = tal_arr(peer->splice_state,
-							struct inflight *, 1);
+							struct inflight *, 0);
 
-	peer->splice_state->inflights[i] = inf;
+	inf = tal(peer->splice_state->inflights, struct inflight);
+	tal_arr_expand(&peer->splice_state->inflights, inf);
 	return inf;
 }