netlink: release dummy rule object from netlink_parse_set_expr()

netlink_parse_set_expr() creates a dummy rule object to reuse the
existing netlink parser. Release the rule object to fix a memleak.
Zap the statement list to avoid a use-after-free since the statement
needs to remain in place after releasing the rule.

==21601==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2016 byte(s) in 4 object(s) allocated from:
    #0 0x7f7824b26330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
    #1 0x7f78245fcebd in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36
    #2 0x7f78245fd016 in xzalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:65
    #3 0x7f782456f0b5 in rule_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/rule.c:623

Add a test to check for set counters.

SUMMARY: AddressSanitizer: 2016 byte(s) leaked in 4 allocation(s).

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 7f7ad2626e14b3d02ac3418e3bf55c67828bff7e..8de4830c4f806c8d8d304593ee7371ca670951c3 100644 (file)
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1682,13 +1682,19 @@ struct stmt *netlink_parse_set_expr(const struct set *set,
                                    const struct nftnl_expr *nle)
 {
        struct netlink_parse_ctx ctx, *pctx = &ctx;
+       struct handle h = {};
 
-       pctx->rule = rule_alloc(&netlink_location, &set->handle);
+       handle_merge(&h, &set->handle);
+       pctx->rule = rule_alloc(&netlink_location, &h);
        pctx->table = table_lookup(&set->handle, cache);
        assert(pctx->table != NULL);
 
        if (netlink_parse_expr(nle, pctx) < 0)
                return NULL;
+
+       init_list_head(&pctx->rule->stmts);
+       rule_free(pctx->rule);
+
        return pctx->stmt;
 }
 

diff --git a/tests/shell/testcases/sets/0048set_counters_0 b/tests/shell/testcases/sets/0048set_counters_0
new file mode 100755 (executable)
index 0000000..e62d25d
--- /dev/null
+++ b/tests/shell/testcases/sets/0048set_counters_0
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -e
+
+EXPECTED="table ip x {
+          set y {
+                  typeof ip saddr
+                  counter
+                  elements = { 192.168.10.35, 192.168.10.101, 192.168.10.135 }
+          }
+
+          chain z {
+                  type filter hook output priority filter; policy accept;
+                  ip daddr @y
+          }
+}"
+
+$NFT -f - <<< "$EXPECTED"

diff --git a/tests/shell/testcases/sets/dumps/0048set_counters_0.nft b/tests/shell/testcases/sets/dumps/0048set_counters_0.nft
new file mode 100644 (file)
index 0000000..2145f6b
--- /dev/null
+++ b/tests/shell/testcases/sets/dumps/0048set_counters_0.nft
@@ -0,0 +1,13 @@
+table ip x {
+       set y {
+               typeof ip saddr
+               counter
+               elements = { 192.168.10.35 counter packets 0 bytes 0, 192.168.10.101 counter packets 0 bytes 0,
+                            192.168.10.135 counter packets 0 bytes 0 }
+       }
+
+       chain z {
+               type filter hook output priority filter; policy accept;
+               ip daddr @y
+       }
+}