diff mbox

[lnf-ct] src: callback: fix memory leak when ct has dynamically allocated attr

Message ID 1372848761-14444-1-git-send-email-fw@strlen.de
State Accepted
Headers show

Commit Message

Florian Westphal July 3, 2013, 10:52 a.m. UTC 
Must free ct and exp using the _destroy functions, else we leak attributes with malloc'd data.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 src/callback.c |   34 ++++++++--------------------------
 1 files changed, 8 insertions(+), 26 deletions(-)

Comments

Pablo Neira Ayuso July 3, 2013, 10:55 a.m. UTC | #1 
On Wed, Jul 03, 2013 at 12:52:41PM +0200, Florian Westphal wrote:
> Must free ct and exp using the _destroy functions, else we leak attributes with malloc'd data.

Looks good, push it please.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/src/callback.c b/src/callback.c
index 684d3b2..19cc663 100644
--- a/src/callback.c
+++ b/src/callback.c
@@ -82,31 +82,13 @@  int __callback(struct nlmsghdr *nlh, struct nfattr *nfa[], void *data)
 		break;
 	}
 
-	switch(ret) {
-	case NFCT_CB_FAILURE:
-		if (ct)
-			free(ct);
-		if (exp)
-			free(exp);
-		ret = NFNL_CB_FAILURE;
-		break;
-	case NFCT_CB_STOP:
-		if (ct)
-			free(ct);
-		if (exp)
-			free(exp);
-		ret = NFNL_CB_STOP;
-		break;
-	case NFCT_CB_CONTINUE:
-		if (ct)
-			free(ct);
-		if (exp)
-			free(exp);
-		ret = NFNL_CB_CONTINUE;
-		break;
-	case NFCT_CB_STOLEN:
-		ret = NFNL_CB_CONTINUE;
-		break;
-	}
+	if (ret == NFCT_CB_STOLEN)
+		return NFNL_CB_CONTINUE;
+
+	if (ct)
+		nfct_destroy(ct);
+	if (exp)
+		nfexp_destroy(exp);
+
 	return ret;
 }