On Tue, May 14, 2013 at 01:52:03PM +0300, Tomasz Bursztyka wrote: > Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@xxxxxxxxxxxxxxx> > --- > iptables/nft.c | 14 ++++++++++++-- > 1 file changed, 12 insertions(+), 2 deletions(-) > > diff --git a/iptables/nft.c b/iptables/nft.c > index f5d96bc..574383d 100644 > --- a/iptables/nft.c > +++ b/iptables/nft.c > @@ -1119,6 +1119,7 @@ next: > c = nft_chain_list_iter_next(iter); > } > > + nft_chain_list_iter_destroy(iter); > nft_chain_list_free(list); > > return 1; > @@ -1248,7 +1249,7 @@ int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table) > { > int ret; > struct nft_chain_list *list; > - struct nft_chain_list_iter *iter; > + struct nft_chain_list_iter *iter = NULL; By looking at the code, we can skip setting this to NULL. > struct nft_chain *c; > > nft_fn = nft_rule_flush; > @@ -1285,6 +1286,7 @@ next: > } > > err: > + nft_chain_list_iter_destroy(iter); By moving this before the err: label. I'm going to take over this patch and give it another spin. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html