From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 28 Jul 2020 17:39:12 +0000 (+0200)
Subject: evaluate: memleak in invalid default policy definition
X-Git-Tag: v0.9.7~49
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1b5fdcbb3564fdb52cc11dedbb446701f3ce53e6;p=thirdparty%2Fnftables.git

evaluate: memleak in invalid default policy definition

Release the clone expression from the exit path.

Fixes: 5173151863d3 ("evaluate: replace variable expression by the value expression")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/src/evaluate.c b/src/evaluate.c
index a84e9609..a9822ebc 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2017,8 +2017,10 @@ static int expr_evaluate_variable(struct eval_ctx *ctx, struct expr **exprp)
 {
 	struct expr *new = expr_clone((*exprp)->sym->expr);
 
-	if (expr_evaluate(ctx, &new) < 0)
+	if (expr_evaluate(ctx, &new) < 0) {
+		expr_free(new);
 		return -1;
+	}
 
 	expr_free(*exprp);
 	*exprp = new;