Calling nft_cmd_free() in error case segfaults otherwise if the to be
freed object is not part of a list yet.
Exposed by commit eab75ed36a4f2 ("nft: Avoid memleak in error path of
nft_cmd_new()"), but belongs to commit a7f1e208cdf9c (and may go well
along with it).
Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands")
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/nft-cmd.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c
index b38da9bdc1c0b..58d5aa11e90d2 100644
--- a/iptables/nft-cmd.c
+++ b/iptables/nft-cmd.c
@@ -28,6 +28,7 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command,
struct nft_cmd *cmd;
cmd = xtables_calloc(1, sizeof(struct nft_cmd));
+ INIT_LIST_HEAD(&cmd->head);
cmd->error.lineno = h->error.lineno;
cmd->command = command;
cmd->table = xtables_strdup(table);
--
2.43.0
