ebtables: Fix for memleak with change counters command

Just like with check command, change counters command creates a
temporary rule from rulespec on command line for a search by spec in
rule cache. It is not used anymore afterwards, so nft_cmd_free() should
free it.

Fixes: f340b7b6816be ("ebtables: Implement --change-counters command")
Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c
index 8372d171b00c4c4ca604302d7bf06faae2910dc0..b38da9bdc1c0b0a74e244706de9d5a391840bf45 100644 (file)
--- a/iptables/nft-cmd.c
+++ b/iptables/nft-cmd.c
@@ -65,6 +65,7 @@ void nft_cmd_free(struct nft_cmd *cmd)
        switch (cmd->command) {
        case NFT_COMPAT_RULE_CHECK:
        case NFT_COMPAT_RULE_DELETE:
+       case NFT_COMPAT_RULE_CHANGE_COUNTERS:
                if (cmd->obj.rule)
                        nftnl_rule_free(cmd->obj.rule);
                break;