From: Phil Sutter <psutter@xxxxxxxxxx> During list populating, in error case the function returns without freeing the newly allocated 'elem' object, thereby losing any references to it. Signed-off-by: Phil Sutter <phil@xxxxxx> --- src/set.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/set.c b/src/set.c index 5f7245855db53..7a41e8caeb3c0 100644 --- a/src/set.c +++ b/src/set.c @@ -610,12 +610,12 @@ static int nftnl_jansson_parse_set_info(struct nftnl_set *s, json_t *tree, return -1; json_elem = json_array_get(array, i); - if (json_elem == NULL) - return -1; - - if (nftnl_jansson_set_elem_parse(elem, - json_elem, err) < 0) + if (json_elem == NULL || + nftnl_jansson_set_elem_parse(elem, + json_elem, err) < 0) { + free(elem); return -1; + } list_add_tail(&elem->head, &s->element_list); } -- 2.8.2 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html