[nft PATCH 3/6] evaluate: Fix memleak in stmt_reject_gen_dependency()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The allocated payload expression is not used after returning from that
function, so it needs to be freed again.

Simple test case:

| nft add rule inet t c reject with tcp reset

Valgrind reports definitely lost 144 bytes.

Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 src/evaluate.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/evaluate.c b/src/evaluate.c
index 54fd6b61dbbdf..40a9292fe53af 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2143,8 +2143,10 @@ static int stmt_reject_gen_dependency(struct eval_ctx *ctx, struct stmt *stmt,
 	if (ret <= 0)
 		return ret;
 
-	if (payload_gen_dependency(ctx, payload, &nstmt) < 0)
-		return -1;
+	if (payload_gen_dependency(ctx, payload, &nstmt) < 0) {
+		ret = -1;
+		goto out;
+	}
 
 	/*
 	 * Unlike payload deps this adds the dependency at the beginning, i.e.
@@ -2155,7 +2157,9 @@ static int stmt_reject_gen_dependency(struct eval_ctx *ctx, struct stmt *stmt,
 	 * Otherwise we'd log things that won't be rejected.
 	 */
 	list_add(&nstmt->list, &ctx->rule->stmts);
-	return 0;
+out:
+	xfree(payload);
+	return ret;
 }
 
 static int stmt_evaluate_reject_inet_family(struct eval_ctx *ctx,
-- 
2.16.1

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux