src: fix netlink_get_setelem() memleaks

==26693==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 256 byte(s) in 2 object(s) allocated from:
    #0 0x7f6ce2189330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
    #1 0x7f6ce1b1767a in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36
    #2 0x7f6ce1b177d3 in xzalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:65
    #3 0x7f6ce1a41760 in expr_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/expression.c:45
    #4 0x7f6ce1a4dea7 in set_elem_expr_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/expression.c:1278
    #5 0x7f6ce1ac2215 in netlink_delinearize_setelem /home/pablo/devel/scm/git-netfilter/nftables/src/netlink.c:1094
    #6 0x7f6ce1ac3c16 in list_setelem_cb /home/pablo/devel/scm/git-netfilter/nftables/src/netlink.c:1172
    #7 0x7f6ce0198808 in nftnl_set_elem_foreach /home/pablo/devel/scm/git-netfilter/libnftnl/src/set_elem.c:725

Indirect leak of 256 byte(s) in 2 object(s) allocated from:
    #0 0x7f6ce2189330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
    #1 0x7f6ce1b1767a in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36
    #2 0x7f6ce1b177d3 in xzalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:65
    #3 0x7f6ce1a41760 in expr_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/expression.c:45
    #4 0x7f6ce1a4515d in constant_expr_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/expression.c:388
    #5 0x7f6ce1abaf12 in netlink_alloc_value /home/pablo/devel/scm/git-netfilter/nftables/src/netlink.c:354
    #6 0x7f6ce1ac17f5 in netlink_delinearize_setelem /home/pablo/devel/scm/git-netfilter/nftables/src/netlink.c:1080
    #7 0x7f6ce1ac3c16 in list_setelem_cb /home/pablo/devel/scm/git-netfilter/nftables/src/netlink.c:1172
    #8 0x7f6ce0198808 in nftnl_set_elem_foreach /home/pablo/devel/scm/git-netfilter/libnftnl/src/set_elem.c:725

Indirect leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x7f6ce2189720 in __interceptor_realloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9720)
    #1 0x7f6ce1b1778d in xrealloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:55
    #2 0x7f6ce1b1756d in gmp_xrealloc /home/pablo/devel/scm/git-netfilter/nftables/src/gmputil.c:202
    #3 0x7f6ce1417059 in __gmpz_realloc (/usr/lib/x86_64-linux-gnu/libgmp.so.10+0x23059)

Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f6ce2189330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
    #1 0x7f6ce1b1767a in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36
    #2 0x7f6ce14105c5 in __gmpz_init2 (/usr/lib/x86_64-linux-gnu/libgmp.so.10+0x1c5c5)

SUMMARY: AddressSanitizer: 536 byte(s) leaked in 6 allocation(s).

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/netlink.c b/src/netlink.c
index bb014320ea6cb227056901c611df7309918fdcbc..fb0a17bac0d725f005b7b1cb0945d0ffe274dbec 100644 (file)
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1236,8 +1236,10 @@ int netlink_get_setelem(struct netlink_ctx *ctx, const struct handle *h,
        netlink_dump_set(nls, ctx);
 
        nls_out = mnl_nft_setelem_get_one(ctx, nls);
-       if (!nls_out)
+       if (!nls_out) {
+               nftnl_set_free(nls);
                return -1;
+       }
 
        ctx->set = set;
        set->init = set_expr_alloc(loc, set);

diff --git a/src/segtree.c b/src/segtree.c
index 2b5831f2d64b2ae8cc9f764dc545c61312755dc7..266a2b4dc98b5772517c4ab292a864545dfd7baf 100644 (file)
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -744,6 +744,8 @@ int get_set_decompose(struct table *table, struct set *set)
                                errno = ENOENT;
                                return -1;
                        }
+                       expr_free(left);
+                       expr_free(i);
 
                        compound_expr_add(new_init, range);
                        left = NULL;