nft: Use clear_cs() instead of open coding

In a few places, initialized struct iptables_command_state was not fully
deinitialized. Change them to call nft_clear_iptables_command_state()
which does it properly.

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
index 70634f8fad84d9fa28f33f623c1ac942c65b30f4..69691fe28cf80675131c634d611a1af6ead08186 100644 (file)
--- a/iptables/nft-ipv4.c
+++ b/iptables/nft-ipv4.c
@@ -288,7 +288,7 @@ static void nft_ipv4_print_rule(struct nft_handle *h, struct nftnl_rule *r,
        if (!(format & FMT_NONEWLINE))
                fputc('\n', stdout);
 
-       xtables_rule_matches_free(&cs.matches);
+       nft_clear_iptables_command_state(&cs);
 }
 
 static void save_ipv4_addr(char letter, const struct in_addr *addr,

diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index d01491bfdb689572e14bea876b939332d401c39b..76f2613d95c6a02d5e38f691d9bd8b3941bb75ec 100644 (file)
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -217,7 +217,7 @@ static void nft_ipv6_print_rule(struct nft_handle *h, struct nftnl_rule *r,
        if (!(format & FMT_NONEWLINE))
                fputc('\n', stdout);
 
-       xtables_rule_matches_free(&cs.matches);
+       nft_clear_iptables_command_state(&cs);
 }
 
 static void save_ipv6_addr(char letter, const struct in6_addr *addr,

diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index a0136059bb7109e6a012428d7a91320f270710ae..e64938fbf5d36fd241aef36f71c50107075cb733 100644 (file)
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -1019,9 +1019,7 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table,
        free(daddrs);
        free(dmasks);
 
-       if (cs.target)
-               free(cs.target->t);
-
+       nft_clear_iptables_command_state(&cs);
        xtables_free_opts(1);
 
 /*     if (verbose > 1)

diff --git a/iptables/xtables.c b/iptables/xtables.c
index c180af13975f81d9bd5d450a11c564598f5e2ad0..63a37ae86706914ac7dc3a685469d8bf3888ad15 100644 (file)
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -1138,11 +1138,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table,
 
        *table = p.table;
 
-       xtables_rule_matches_free(&cs.matches);
-       if (cs.target) {
-               free(cs.target->t);
-               cs.target->t = NULL;
-       }
+       nft_clear_iptables_command_state(&cs);
 
        if (h->family == AF_INET) {
                free(args.s.addr.v4);