If this fails to parse a set element, stop the processing.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
src/set_elem.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/set_elem.c b/src/set_elem.c
index 5bb82f6..5ef46f2 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -298,8 +298,10 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
break;
}
}
- if (ret < 0)
+ if (ret < 0) {
xfree(e);
+ return -1;
+ }
/* Add this new element to this set */
list_add_tail(&e->head, &s->element_list);
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
