diff mbox

[v2] nft: fix leak of iterators

Message ID 20130608122435.4354.49219.stgit@localhost
State Accepted
Headers show

Commit Message

Giuseppe Longo June 8, 2013, 12:24 p.m. UTC 
This patch fix leak of iterators
Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
---
 iptables/nft.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Pablo Neira Ayuso June 8, 2013, 12:46 p.m. UTC | #1 
On Sat, Jun 08, 2013 at 02:24:35PM +0200, Giuseppe Longo wrote:
> This patch fix leak of iterators

Applied, thanks Giuseppe.

We are still leaking list objects (track function nft_rule_list_get)
it has to be released as well. Can you send me a patch for that as
well?

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index c18999b..5a0b814 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1112,6 +1112,7 @@  next:
 		c = nft_chain_list_iter_next(iter);
 	}
 
+	nft_chain_list_iter_destroy(iter);
 	nft_chain_list_free(list);
 
 	return 1;
@@ -1200,6 +1201,7 @@  next:
 		r = nft_rule_list_iter_next(iter);
 	}
 
+	nft_rule_list_iter_destroy(iter);
 	nft_rule_list_free(list);
 
 	/* the core expects 1 for success and 0 for error */
@@ -1276,6 +1278,8 @@  int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table)
 next:
 		c = nft_chain_list_iter_next(iter);
 	}
+	
+	nft_chain_list_iter_destroy(iter);
 
 err:
 	nft_chain_list_free(list);
@@ -1390,6 +1394,8 @@  next:
 		c = nft_chain_list_iter_next(iter);
 	}
 
+	nft_chain_list_iter_destroy(iter);
+
 err:
 	nft_chain_list_free(list);