netlink_linearize: do not duplicate user data when linearizing user data

Otherwise, we memory leak this area since nftnl_rule_set_data() now
makes a copy of the user data which receives. This is happening since
libnftnl's ("rule: Fix segfault due to invalid free of rule user data"),
it is not necessary make a copy before call it.

Note: Carlos originally posted this patch under the name of ("nftables:
Fix memory leak linearizing user data").

Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 62bb25c4aa226f5761b0f5de7aaf8c85b5ae7676..98c22d88796995985aec241a5e6e771e537d0684 100644 (file)
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -1127,8 +1127,6 @@ void netlink_linearize_rule(struct netlink_ctx *ctx, struct nftnl_rule *nlr,
 
        if (rule->comment) {
                struct nftnl_udata_buf *udata;
-               uint32_t udlen;
-               void *ud;
 
                udata = nftnl_udata_buf_alloc(NFT_USERDATA_MAXLEN);
                if (!udata)
@@ -1137,12 +1135,9 @@ void netlink_linearize_rule(struct netlink_ctx *ctx, struct nftnl_rule *nlr,
                if (!nftnl_udata_put_strz(udata, UDATA_TYPE_COMMENT,
                                          rule->comment))
                        memory_allocation_error();
-
-               udlen = nftnl_udata_buf_len(udata);
-               ud = xmalloc(udlen);
-               memcpy(ud, nftnl_udata_buf_data(udata), udlen);
-
-               nftnl_rule_set_data(nlr, NFTNL_RULE_USERDATA, ud, udlen);
+               nftnl_rule_set_data(nlr, NFTNL_RULE_USERDATA,
+                                   nftnl_udata_buf_data(udata),
+                                   nftnl_udata_buf_len(udata));
 
                nftnl_udata_buf_free(udata);
        }