optimize: memleak in statement matrix

Release clone object in case this statement is not supported.

Fixes: 743b0e81371f ("optimize: do not clone unsupported statement")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/optimize.c b/src/optimize.c
index cb3fff21b1256706d76b785f2ab8ce009198159e..d6dfffec3c86153baa13f458cd4dadef9a43e92a 100644 (file)
--- a/src/optimize.c
+++ b/src/optimize.c
@@ -304,6 +304,7 @@ static int rule_collect_stmts(struct optimize_ctx *ctx, struct rule *rule)
                        clone->nat.type_flags = stmt->nat.type_flags;
                        break;
                default:
+                       stmt_free(clone);
                        continue;
                }