From: Patrick McHardy <kaber@trash.net>
Date: Tue, 24 Mar 2015 11:51:45 +0000 (+0000)
Subject: netlink: fix use after free in netlink_get_table()
X-Git-Tag: v0.5~64
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fffa3cc22b84d4fab237a6974041fe502c7b6034;p=thirdparty%2Fnftables.git

netlink: fix use after free in netlink_get_table()

Signed-off-by: Patrick McHardy <kaber@trash.net>
---

diff --git a/src/netlink.c b/src/netlink.c
index 24dda67c..f957295e 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -953,19 +953,19 @@ int netlink_get_table(struct netlink_ctx *ctx, const struct handle *h,
 
 	nlt = alloc_nft_table(h);
 	err = mnl_nft_table_get(nf_sock, nlt, 0);
-	nft_table_free(nlt);
-
 	if (err < 0) {
 		netlink_io_error(ctx, loc,
 				 "Could not receive table from kernel: %s",
 				 strerror(errno));
-		return err;
+		goto out;
 	}
 
 	ntable = netlink_delinearize_table(ctx, nlt);
 	table->flags = ntable->flags;
 	xfree(ntable);
-	return 0;
+out:
+	nft_table_free(nlt);
+	return err;
 }
 
 int netlink_list_table(struct netlink_ctx *ctx, const struct handle *h,