Patch 1 caused segfaults due to double free of cs->target->t. For unclear reasons, patch 2 fixed that situation again which is why I didn't notice it. This updated series has patch 1 set cs->target->t to NULL after freeing it to prevent the double free. Patch 2 didn't apply cleanly onto the changed patch 1, so sending an adjusted version here. Phil Sutter (2): xtables: Fix for crash when comparing rules with standard target xtables: Fix for false-positive rule matching iptables/nft-bridge.c | 9 ++++++ iptables/nft-shared.c | 28 ++++++++++++++++--- .../testcases/iptables/0005-delete-rules_0 | 14 ++++++++++ iptables/xtables.c | 4 ++- libxtables/xtables.c | 18 +++++++++++- 5 files changed, 67 insertions(+), 6 deletions(-) create mode 100755 iptables/tests/shell/testcases/iptables/0005-delete-rules_0 -- 2.20.1
