evaluate: Fix memleak in stmt_reject_gen_dependency()
authorPhil Sutter <phil@nwl.cc>
Thu, 1 Mar 2018 14:00:29 +0000 (15:00 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 2 Mar 2018 10:46:56 +0000 (11:46 +0100)
The allocated payload expression is not used after returning from that
function, so it needs to be freed again.

Simple test case:

| nft add rule inet t c reject with tcp reset

Valgrind reports definitely lost 144 bytes.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/evaluate.c

index 54fd6b61dbbdf5a648405a0a90beffc62145f86e..40a9292fe53af843d7b55bdd74a5ce98eaa9cae4 100644 (file)
@@ -2143,8 +2143,10 @@ static int stmt_reject_gen_dependency(struct eval_ctx *ctx, struct stmt *stmt,
        if (ret <= 0)
                return ret;
 
-       if (payload_gen_dependency(ctx, payload, &nstmt) < 0)
-               return -1;
+       if (payload_gen_dependency(ctx, payload, &nstmt) < 0) {
+               ret = -1;
+               goto out;
+       }
 
        /*
         * Unlike payload deps this adds the dependency at the beginning, i.e.
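Review bot: The guard `if (ret <= 0) return ret;` at the top of this hunk still returns directly, so it bypasses the cleanup that the new `goto out` reaches. Whether `payload` can already be allocated when `ret` is zero or negative is not visible here, because the code that assigns both lies above the hunk; if it can, that path leaks the same allocation this commit fixes. A comment on the guard such as `/* payload is only allocated when ret > 0 */` would document the invariant. Alternatively the guard could jump to `out` as well, provided `payload` is initialised to NULL.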
@@ -2155,7 +2157,9 @@ static int stmt_reject_gen_dependency(struct eval_ctx *ctx, struct stmt *stmt,
         * Otherwise we'd log things that won't be rejected.
         */
        list_add(&nstmt->list, &ctx->rule->stmts);
-       return 0;
+out:
+       xfree(payload);
+       return ret;
 }
 
 static int stmt_evaluate_reject_inet_family(struct eval_ctx *ctx,
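Review bot: The success path now returns `ret` instead of the literal `0`, and since the earlier guard `if (ret <= 0) return ret;` has already passed, `ret` is positive when control falls through to `out:`. Callers that only test `< 0` are unaffected, but any caller comparing the result against zero would now treat success as non-zero; the callers are outside this page, so that should be confirmed. Adding `ret = 0;` just before `list_add(&nstmt->list, &ctx->rule->stmts);` would keep the previous contract. Separately, the commit message describes `payload` as an expression, and `xfree(payload)` releases only the top-level allocation; if expressions in this code base are reference-counted or own child nodes, the expression destructor (presumably `expr_free()`) would be the safer call. The function's opening lines, where `payload` and `ret` are set, are outside the hunk.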