]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d268580)
netlink: fix use after free in netlink_get_table()
authorPatrick McHardy <kaber@trash.net>
Tue, 24 Mar 2015 11:51:45 +0000 (11:51 +0000)
committerPatrick McHardy <kaber@trash.net>
Wed, 25 Mar 2015 20:47:49 +0000 (20:47 +0000)
Signed-off-by: Patrick McHardy <kaber@trash.net>
src/netlink.c patch | blob | blame | history

diff --git a/src/netlink.c b/src/netlink.c
index 24dda67c42bfcc4a4d720d515bf2b8cdf32ca0fc..f957295ef4fccc0703a20c38b57241d026cec067 100644 (file)
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -953,19 +953,19 @@ int netlink_get_table(struct netlink_ctx *ctx, const struct handle *h,
 
        nlt = alloc_nft_table(h);
        err = mnl_nft_table_get(nf_sock, nlt, 0);
-       nft_table_free(nlt);
-
        if (err < 0) {
                netlink_io_error(ctx, loc,
                                 "Could not receive table from kernel: %s",
                                 strerror(errno));
-               return err;
+               goto out;
        }
 
        ntable = netlink_delinearize_table(ctx, nlt);
        table->flags = ntable->flags;
        xfree(ntable);
-       return 0;
+out:
+       nft_table_free(nlt);
+       return err;
 }
 
 int netlink_list_table(struct netlink_ctx *ctx, const struct handle *h,
Mirror of git://git.netfilter.org/nftables