nftables/SOURCES/0009-segtree-memleak-in-get_set_decompose.patch
2021-09-09 22:49:01 +00:00

39 lines
1.1 KiB
Diff

From b18f069971e8e5c161e87ad1742b677ee4185bad Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 3 Oct 2018 12:16:40 +0200
Subject: [PATCH] segtree: memleak in get_set_decompose()
Release set content on error. Moreover, release input set content in
case we finally manage to decompose it.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit e08c8bbfeda80f3807ce3784558ce1fb6f0d2bc8)
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
src/segtree.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/segtree.c b/src/segtree.c
index 0d53c83fd837e..dc2554b72acf3 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -727,6 +727,7 @@ int get_set_decompose(struct table *table, struct set *set)
range = get_set_interval_find(table, set->handle.set.name,
left, i);
if (!range) {
+ expr_free(new_init);
errno = ENOENT;
return -1;
}
@@ -755,6 +756,7 @@ int get_set_decompose(struct table *table, struct set *set)
compound_expr_add(new_init, expr_clone(left));
}
+ expr_free(set->init);
set->init = new_init;
return 0;
--
2.21.0