From b8d39d718360e1b46be846dbedd94a6b099a9e31 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Tue, 23 Apr 2019 13:18:05 +0200 Subject: [PATCH] src: fix double free on xt stmt destruction 'nft monitor' dies with: *** Error in `/sbin/nft': double free or corruption (fasttop): 0x000055f8ba57b750 *** ... when the iptables-nft test suite is running in parallel, because xfree(stmt->xt.name) gets called twice. Fixes: 4ac11b890fe870 ("src: missing destroy function in statement definitions") Signed-off-by: Florian Westphal Acked-by: Pablo Neira Ayuso (cherry picked from commit 99afd62d48f4c510bdb4076eb9d811c001ad1cac) Signed-off-by: Phil Sutter --- include/xt.h | 2 +- src/statement.c | 6 ------ src/xt.c | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/include/xt.h b/include/xt.h index ab59bb3d45a41..9fc515084d597 100644 --- a/include/xt.h +++ b/include/xt.h @@ -9,7 +9,7 @@ struct rule; struct output_ctx; void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx); -void xt_stmt_release(const struct stmt *stmt); +void xt_stmt_destroy(struct stmt *stmt); void netlink_parse_target(struct netlink_parse_ctx *ctx, const struct location *loc, diff --git a/src/statement.c b/src/statement.c index 29b73f9fba4ae..c261540b92ebd 100644 --- a/src/statement.c +++ b/src/statement.c @@ -783,12 +783,6 @@ static void xt_stmt_print(const struct stmt *stmt, struct output_ctx *octx) xt_stmt_xlate(stmt, octx); } -static void xt_stmt_destroy(struct stmt *stmt) -{ - xfree(stmt->xt.name); - xt_stmt_release(stmt); -} - static const struct stmt_ops xt_stmt_ops = { .type = STMT_XT, .name = "xt", diff --git a/src/xt.c b/src/xt.c index c35c84edca0e6..ef371720fbcfa 100644 --- a/src/xt.c +++ b/src/xt.c @@ -74,7 +74,7 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx) #endif } -void xt_stmt_release(const struct stmt *stmt) +void xt_stmt_destroy(struct stmt *stmt) { switch (stmt->xt.type) { case NFT_XT_MATCH: -- 2.21.0