payload_match_postprocess() expects a relational with payload of his lhs and value on the rhs. Moreover, payload_match_expand() releases the previous expression so valgrind reports an use-after-free when pruning the implicit binop. Fix this by calling payload_match_postprocess() in first place. Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- src/netlink_delinearize.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 7d94f30..ae6abb0 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -1229,13 +1229,12 @@ static void binop_postprocess(struct rule_pp_ctx *ctx, struct expr *expr) value->len = payload->len; } - payload_match_postprocess(ctx, expr, payload); - assert(expr->left->ops->type == EXPR_BINOP); - assert(binop->left == payload); expr->left = expr_get(payload); expr_free(binop); + + payload_match_postprocess(ctx, expr, payload); } } -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
