Perform struct xtables_args object deinit in a common place, even though
it merely consists of freeing any IP addresses and masks.
This fixes for a memleak in arptables-translate as the check for
h->family didn't catch the value NFPROTO_ARP.
Fixes: 5b7324e0675e3 ("nft-arp: add arptables-translate")
Signed-off-by: Phil Sutter <phil@nwl.cc>
e = NULL;
}
- free(saddrs);
- free(smasks);
- free(daddrs);
- free(dmasks);
+ xtables_clear_args(&args);
xtables_free_opts(1);
return ret;
e = NULL;
}
- free(saddrs);
- free(smasks);
- free(daddrs);
- free(dmasks);
+ xtables_clear_args(&args);
xtables_free_opts(1);
return ret;
return mask;
}
+
+void xtables_clear_args(struct xtables_args *args)
+{
+ free(args->s.addr.ptr);
+ free(args->s.mask.ptr);
+ free(args->d.addr.ptr);
+ free(args->d.mask.ptr);
+}
void iface_to_mask(const char *ifname, unsigned char *mask);
+void xtables_clear_args(struct xtables_args *args);
+
#endif /* IPTABLES_XSHARED_H */
h->ops->clear_cs(&cs);
- if (h->family == AF_INET) {
- free(args.s.addr.v4);
- free(args.s.mask.v4);
- free(args.d.addr.v4);
- free(args.d.mask.v4);
- } else if (h->family == AF_INET6) {
- free(args.s.addr.v6);
- free(args.s.mask.v6);
- free(args.d.addr.v6);
- free(args.d.mask.v6);
- }
+ xtables_clear_args(&args);
xtables_free_opts(1);
return ret;
h->ops->clear_cs(&cs);
- free(args.s.addr.ptr);
- free(args.s.mask.ptr);
- free(args.d.addr.ptr);
- free(args.d.mask.ptr);
+ xtables_clear_args(&args);
xtables_free_opts(1);
return ret;
projects / thirdparty / iptables.git / commitdiff
