]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4622a8c)
evaluate: release mpz type in expr_evaluate_list() error path
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 11 Jan 2024 21:14:34 +0000 (22:14 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 12 Jan 2024 11:19:55 +0000 (12:19 +0100)
Detected when running:

 # nft -f tests/shell/testcases/bogons/nft-f/no_integer_basetype_crash
 ==383222==ERROR: LeakSanitizer: detected memory leaks

 Direct leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7fe7b54a9e8f in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x7fe7b538b9a9 in __gmp_default_allocate (/lib/x86_64-linux-gnu/libgmp.so.10+0xc9a9)

Fixes: 3671c4897003 ("evaluate: guard against NULL basetype")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/evaluate.c patch | blob | blame | history

diff --git a/src/evaluate.c b/src/evaluate.c
index 6c29579f60d7c7f24890c2141517e6f36091d194..3b3661669b306c3e4403f7285ad75dd9f5a679d2 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1695,16 +1695,22 @@ static int expr_evaluate_list(struct eval_ctx *ctx, struct expr **expr)
 
        mpz_init_set_ui(val, 0);
        list_for_each_entry_safe(i, next, &list->expressions, list) {
-               if (list_member_evaluate(ctx, &i) < 0)
+               if (list_member_evaluate(ctx, &i) < 0) {
+                       mpz_clear(val);
                        return -1;
-               if (i->etype != EXPR_VALUE)
+               }
+               if (i->etype != EXPR_VALUE) {
+                       mpz_clear(val);
                        return expr_error(ctx->msgs, i,
                                          "List member must be a constant "
                                          "value");
-               if (datatype_basetype(i->dtype)->type != TYPE_BITMASK)
+               }
+               if (datatype_basetype(i->dtype)->type != TYPE_BITMASK) {
+                       mpz_clear(val);
                        return expr_error(ctx->msgs, i,
                                          "Basetype of type %s is not bitmask",
                                          i->dtype->desc);
+               }
                mpz_ior(val, val, i->value);
        }
 
Mirror of git://git.netfilter.org/nftables