netfilter: layer7 fix wrong fuzzy match change

author Arne Fitzenreiter <arne_f@ipfire.org>

Mon, 6 Mar 2017 07:50:15 +0000 (08:50 +0100)

committer Arne Fitzenreiter <arne_f@ipfire.org>

Mon, 12 Dec 2022 17:13:44 +0000 (18:13 +0100)
author Arne Fitzenreiter <arne_f@ipfire.org>
Mon, 6 Mar 2017 07:50:15 +0000 (08:50 +0100)
committer Arne Fitzenreiter <arne_f@ipfire.org>
Mon, 12 Dec 2022 17:13:44 +0000 (18:13 +0100)
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c

index 23b3fedd619a5dd4c519bb389ceab16d4e358677..1f62cfa4b9a05908c65ab2308a8266f20ab6f0ec 100644 (file)
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -604,6 +604,13 @@ void nf_ct_destroy(struct nf_conntrack *nfct)
          */
         nf_ct_remove_expectations(ct);
  
+#if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
+       if(ct->layer7.app_proto)
+               kfree(ct->layer7.app_proto);
+       if(ct->layer7.app_data)
+               kfree(ct->layer7.app_data);
+#endif
+
         if (ct->master)
                 nf_ct_put(ct->master);
author	Arne Fitzenreiter <arne_f@ipfire.org>
	Mon, 6 Mar 2017 07:50:15 +0000 (08:50 +0100)
committer	Arne Fitzenreiter <arne_f@ipfire.org>
	Mon, 12 Dec 2022 17:13:44 +0000 (18:13 +0100)