rule: Remove memory leak

Added matching xfree calls in chain_free(), for the chain members 'type' and
'dev'.

It can be reproduced by :
nft add chain x y { type filter hook input priority 0; }

Then:
$ sudo valgrind --leak-check=full nft list tables

==2899== HEAP SUMMARY:
==2899==     in use at exit: 327 bytes in 10 blocks
==2899==   total heap usage: 145 allocs, 135 frees, 211,462 bytes allocated
==2899==
==2899== 63 bytes in 9 blocks are definitely lost in loss record 1 of 2
==2899==    at 0x4C2AB80: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2899==    by 0x57A3839: strdup (strdup.c:42)
==2899==    by 0x41C05D: xstrdup (utils.c:64)
==2899==    by 0x411E9B: netlink_delinearize_chain.isra.3 (netlink.c:717)
==2899==    by 0x411F70: list_chain_cb (netlink.c:748)
==2899==    by 0x504A943: nft_chain_list_foreach (chain.c:1015)
==2899==    by 0x4145AE: netlink_list_chains (netlink.c:771)
==2899==    by 0x40793F: cache_init_objects (rule.c:90)
==2899==    by 0x40793F: cache_init (rule.c:130)
==2899==    by 0x40793F: cache_update (rule.c:147)
==2899==    by 0x40FB59: cmd_evaluate (evaluate.c:2475)
==2899==    by 0x429A1C: nft_parse (parser_bison.y:655)
==2899==    by 0x40651C: nft_run (main.c:231)
==2899==    by 0x40618C: main (main.c:357)
==2899==
==2899== LEAK SUMMARY:
==2899==    definitely lost: 63 bytes in 9 blocks
==2899==    indirectly lost: 0 bytes in 0 blocks
==2899==      possibly lost: 0 bytes in 0 blocks
==2899==    still reachable: 264 bytes in 1 blocks
==2899==         suppressed: 0 bytes in 0 blocks
==2899== Reachable blocks (those to which a pointer was found) are not shown.
==2899== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==2899==
==2899== For counts of detected and suppressed errors, rerun with: -v
==2899== Use --track-origins=yes to see where uninitialised values come from
==2899== ERROR SUMMARY: 4 errors from 2 contexts (suppressed: 0 from 0)

Signed-off-by: Piyush Pangtey <gokuvsvegita@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/rule.c b/src/rule.c
index 0b7854953489c33daae445c680feb3ffdc4e6d0b..85987b9b5a09d74176797f7fcb2fb8896cbd3f2a 100644 (file)
--- a/src/rule.c
+++ b/src/rule.c
@@ -510,6 +510,9 @@ void chain_free(struct chain *chain)
                rule_free(rule);
        handle_free(&chain->handle);
        scope_release(&chain->scope);
+       xfree(chain->type);
+       if (chain->dev != NULL)
+               xfree(chain->dev);
        xfree(chain);
 }