netfilter: layer7 fix wrong fuzzy match change

author Arne Fitzenreiter <arne_f@ipfire.org>

Mon, 6 Mar 2017 07:50:15 +0000 (08:50 +0100)

committer Michael Tremer <michael.tremer@ipfire.org>

Wed, 28 Sep 2022 09:35:10 +0000 (09:35 +0000)
author Arne Fitzenreiter <arne_f@ipfire.org>
Mon, 6 Mar 2017 07:50:15 +0000 (08:50 +0100)
committer Michael Tremer <michael.tremer@ipfire.org>
Wed, 28 Sep 2022 09:35:10 +0000 (09:35 +0000)
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c

index 1357a2729a4ba699522ab499ef0e7fdc3925974f..7cf2b36ca40c0db40a761e6ea5a903290468f42c 100644 (file)
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -601,6 +601,13 @@ void nf_ct_destroy(struct nf_conntrack *nfct)
          */
         nf_ct_remove_expectations(ct);
  
+#if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
+       if(ct->layer7.app_proto)
+               kfree(ct->layer7.app_proto);
+       if(ct->layer7.app_data)
+               kfree(ct->layer7.app_data);
+#endif
+
         if (ct->master)
                 nf_ct_put(ct->master);
author	Arne Fitzenreiter <arne_f@ipfire.org>
	Mon, 6 Mar 2017 07:50:15 +0000 (08:50 +0100)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Wed, 28 Sep 2022 09:35:10 +0000 (09:35 +0000)