The virNWFilterVarCombIterNext method will free its parameter when it gets to the end of the iterator. This is somewhat misleading design, making it appear as if the caller has a memory leak. Remove the free'ing of the parameter and ensure that the calling method ebiptablesCreateRuleInstanceIterate free's it instead. Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> --- src/conf/nwfilter_params.c | 4 +--- src/nwfilter/nwfilter_ebiptables_driver.c | 12 ++++++------ 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/src/conf/nwfilter_params.c b/src/conf/nwfilter_params.c index a78c407..5393134 100644 --- a/src/conf/nwfilter_params.c +++ b/src/conf/nwfilter_params.c @@ -526,10 +526,8 @@ next: } } - if (ci->nIter == i) { - virNWFilterVarCombIterFree(ci); + if (ci->nIter == i) return NULL; - } return ci; } diff --git a/src/nwfilter/nwfilter_ebiptables_driver.c b/src/nwfilter/nwfilter_ebiptables_driver.c index 0505045..e1e0af8 100644 --- a/src/nwfilter/nwfilter_ebiptables_driver.c +++ b/src/nwfilter/nwfilter_ebiptables_driver.c @@ -2869,14 +2869,14 @@ ebiptablesCreateRuleInstanceIterate( virNWFilterRuleInstPtr res) { int rc = 0; - virNWFilterVarCombIterPtr vciter; + virNWFilterVarCombIterPtr vciter, tmp; /* rule->vars holds all the variables names that this rule will access. * iterate over all combinations of the variables' values and instantiate * the filtering rule with each combination. */ - vciter = virNWFilterVarCombIterCreate(vars, - rule->varAccess, rule->nVarAccess); + tmp = vciter = virNWFilterVarCombIterCreate(vars, + rule->varAccess, rule->nVarAccess); if (!vciter) return -1; @@ -2885,12 +2885,12 @@ ebiptablesCreateRuleInstanceIterate( nwfilter, rule, ifname, - vciter, + tmp, res); if (rc < 0) break; - vciter = virNWFilterVarCombIterNext(vciter); - } while (vciter != NULL); + tmp = virNWFilterVarCombIterNext(tmp); + } while (tmp != NULL); virNWFilterVarCombIterFree(vciter); -- 1.8.5.3 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list