On Thu, Jun 24, 2021 at 08:57:18PM +0100, Colin King wrote: > From: Colin Ian King <colin.king@xxxxxxxxxxxxx> > > In the case where chain->flags & NFT_CHAIN_HW_OFFLOAD is false then > nft_flow_rule_create is not called and flow is NULL. The subsequent > error handling execution via label err_destroy_flow_rule will lead > to a null pointer dereference on flow when calling nft_flow_rule_destroy. > Since the error path to err_destroy_flow_rule has to cater for null > and non-null flows, only call nft_flow_rule_destroy if flow is non-null > to fix this issue. Applied, thanks.
