63 lines
1.8 KiB
Diff
63 lines
1.8 KiB
Diff
|
From c3c2777d4b62db4b49fd3dcf8293562defa95112 Mon Sep 17 00:00:00 2001
|
||
|
From: Phil Sutter <psutter@redhat.com>
|
||
|
Date: Tue, 29 Jan 2019 18:12:15 +0100
|
||
|
Subject: [PATCH] flowtable: Fix memleak in nftnl_flowtable_parse_devs()
|
||
|
|
||
|
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1661327
|
||
|
Upstream Status: libnftnl commit 8ef66870832d5
|
||
|
|
||
|
commit 8ef66870832d56881703a7798ecdff9e19917b15
|
||
|
Author: Phil Sutter <phil@nwl.cc>
|
||
|
Date: Thu Dec 20 21:03:30 2018 +0100
|
||
|
|
||
|
flowtable: Fix memleak in nftnl_flowtable_parse_devs()
|
||
|
|
||
|
Allocated strings in dev_array were not freed. Fix this by freeing them
|
||
|
on error path and assigning them to c->dev_array directly in regular
|
||
|
path.
|
||
|
|
||
|
Fixes: eb58f53372e74 ("src: add flowtable support")
|
||
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
||
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
||
|
---
|
||
|
src/flowtable.c | 10 +++++++---
|
||
|
1 file changed, 7 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/src/flowtable.c b/src/flowtable.c
|
||
|
index 61ff29b..1762bd1 100644
|
||
|
--- a/src/flowtable.c
|
||
|
+++ b/src/flowtable.c
|
||
|
@@ -364,7 +364,7 @@ static int nftnl_flowtable_parse_devs(struct nlattr *nest,
|
||
|
|
||
|
mnl_attr_for_each_nested(attr, nest) {
|
||
|
if (mnl_attr_get_type(attr) != NFTA_DEVICE_NAME)
|
||
|
- return -1;
|
||
|
+ goto err;
|
||
|
dev_array[len++] = strdup(mnl_attr_get_str(attr));
|
||
|
if (len >= 8)
|
||
|
break;
|
||
|
@@ -375,14 +375,18 @@ static int nftnl_flowtable_parse_devs(struct nlattr *nest,
|
||
|
|
||
|
c->dev_array = calloc(len + 1, sizeof(char *));
|
||
|
if (!c->dev_array)
|
||
|
- return -1;
|
||
|
+ goto err;
|
||
|
|
||
|
c->dev_array_len = len;
|
||
|
|
||
|
for (i = 0; i < len; i++)
|
||
|
- c->dev_array[i] = strdup(dev_array[i]);
|
||
|
+ c->dev_array[i] = dev_array[i];
|
||
|
|
||
|
return 0;
|
||
|
+err:
|
||
|
+ while (len--)
|
||
|
+ xfree(dev_array[len]);
|
||
|
+ return -1;
|
||
|
}
|
||
|
|
||
|
static int nftnl_flowtable_parse_hook(struct nlattr *attr, struct nftnl_flowtable *c)
|
||
|
--
|
||
|
1.8.3.1
|
||
|
|