On Tue, Feb 12, 2019 at 09:00:48PM +0100, Pablo Neira Ayuso wrote:
> @@ -324,8 +297,10 @@ nft_target_destroy(const struct nft_ctx *ctx, const struct nft_expr *expr)
> if (par.target->destroy != NULL)
> par.target->destroy(&par);
>
> - if (nft_xt_put(container_of(expr->ops, struct nft_xt, ops)))
> + if (refcount_read(&xt->refcnt) == 0) {
> module_put(target->me);
> + kfree(xt);
> + }
> }
This leads to multiple-kfree calls in case there are multiple rules
that refers to this extension, this will not work.
