set_elem: fix access after free in case of parsing errors

If this fails to parse a set element, stop the processing.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/set_elem.c b/src/set_elem.c
index 5bb82f69fff292000b97984fca4614dca0ca8268..5ef46f2e06e9b1c086cf9a9875ac2410692f76c4 100644 (file)
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -298,8 +298,10 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
                        break;
                }
         }
-       if (ret < 0)
+       if (ret < 0) {
                xfree(e);
+               return -1;
+       }
 
        /* Add this new element to this set */
        list_add_tail(&e->head, &s->element_list);