These fix reports for definitely lost blocks in valgrind. Not really
memleaks, but due to nft_handle going out of scope they're counted as
lost. Still worth fixing though since it reduces noise when auditing
code for real issues.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
.save_chain = nft_arp_save_chain,
.post_parse = NULL,
.rule_to_cs = nft_arp_rule_to_cs,
- .clear_cs = NULL,
+ .clear_cs = nft_clear_iptables_command_state,
.rule_find = nft_arp_rule_find,
.parse_target = nft_arp_parse_target,
};
void nft_clear_iptables_command_state(struct iptables_command_state *cs)
{
xtables_rule_matches_free(&cs->matches);
+ if (cs->target)
+ free(cs->target->t);
}
void print_header(unsigned int format, const char *chain, const char *pol,
exit(EXIT_FAILURE);
}
- if (dump) {
- do_output(&h, tablename, show_counters);
+ ret = do_output(&h, tablename, show_counters);
+ nft_fini(&h);
+ if (dump)
exit(0);
- }
- return do_output(&h, tablename, show_counters);
+ return ret;
}
int xtables_ip4_save_main(int argc, char *argv[])
nft_chain_save(&h, nft_chain_dump(&h), "filter");
nft_rule_save(&h, "filter", FMT_NOCOUNTS);
printf("\n");
+ nft_fini(&h);
return 0;
}
projects / thirdparty / iptables.git / commitdiff
