
[1/2,libnftnl] Fix leak in nftnl_*_unset()

Message ID 1465554054-16283-1-git-send-email-carlosfg@riseup.net
State Changes Requested
Delegated to: Pablo Neira

Commit Message

Carlos Falgueras García June 10, 2016, 10:20 a.m. UTC
Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
---
 src/rule.c     | 1 +
 src/set_elem.c | 1 +
 2 files changed, 2 insertions(+)

Comments

Arturo Borrero June 10, 2016, 11:14 a.m. UTC | #1
On 10 June 2016 at 12:20, Carlos Falgueras García <carlosfg@riseup.net> wrote:
> Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
> ---
>  src/rule.c     | 1 +
>  src/set_elem.c | 1 +
>  2 files changed, 2 insertions(+)
>
> diff --git a/src/rule.c b/src/rule.c
> index 1e1a138..4c22436 100644
> --- a/src/rule.c
> +++ b/src/rule.c
> @@ -112,6 +112,7 @@ void nftnl_rule_unset(struct nftnl_rule *r, uint16_t attr)
>         case NFTNL_RULE_POSITION:
>         case NFTNL_RULE_FAMILY:
>         case NFTNL_RULE_USERDATA:
> +               xfree(r->user.data);
>                 break;
>         }
>

I think you need to isolate this NFTNL_RULE_USERDATA case from the
others by avoiding the fall through.

Example: a user calling nftnl_rule_unset() with NFTNL_RULE_FAMILY
will free 'r->user.data'. That doesn't seem correct.

Carlos Falgueras García June 10, 2016, 11:21 a.m. UTC | #2
On 06/10/2016 01:14 PM, Arturo Borrero Gonzalez wrote:
> On 10 June 2016 at 12:20, Carlos Falgueras García <carlosfg@riseup.net> wrote:
>> Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
>> ---
>>  src/rule.c     | 1 +
>>  src/set_elem.c | 1 +
>>  2 files changed, 2 insertions(+)
>>
>> diff --git a/src/rule.c b/src/rule.c
>> index 1e1a138..4c22436 100644
>> --- a/src/rule.c
>> +++ b/src/rule.c
>> @@ -112,6 +112,7 @@ void nftnl_rule_unset(struct nftnl_rule *r, uint16_t attr)
>>         case NFTNL_RULE_POSITION:
>>         case NFTNL_RULE_FAMILY:
>>         case NFTNL_RULE_USERDATA:
>> +               xfree(r->user.data);
>>                 break;
>>         }
>>
>
> I think you need to isolate this NFTNL_RULE_USERDATA case from the
> others by avoiding the fall through.
>
> Example: a user calling nftnl_rule_unset() with NFTNL_RULE_FAMILY
> will free 'r->user.data'. That doesn't seem correct.

Thank you! This is an embarrassing mistake >.<
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/src/rule.c b/src/rule.c
index 1e1a138..4c22436 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -112,6 +112,7 @@  void nftnl_rule_unset(struct nftnl_rule *r, uint16_t attr)
 	case NFTNL_RULE_POSITION:
 	case NFTNL_RULE_FAMILY:
 	case NFTNL_RULE_USERDATA:
+		xfree(r->user.data);
 		break;
 	}
 
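Review bot: the added xfree(r->user.data) sits under the label shared with NFTNL_RULE_POSITION and NFTNL_RULE_FAMILY, so unsetting either of those attributes also frees the user data even though NFTNL_RULE_USERDATA was not the attribute requested. Give NFTNL_RULE_USERDATA its own case with its own break and leave the other two on the existing break. Nothing in the visible lines clears the pointer after the free; assigning NULL to r->user.data in the same case would keep any later free of the rule from touching a stale pointer.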
diff --git a/src/set_elem.c b/src/set_elem.c
index da30b02..e585d84 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -82,6 +82,7 @@  void nftnl_set_elem_unset(struct nftnl_set_elem *s, uint16_t attr)
 	case NFTNL_SET_ELEM_TIMEOUT:	/* NFTA_SET_ELEM_TIMEOUT */
 	case NFTNL_SET_ELEM_EXPIRATION:	/* NFTA_SET_ELEM_EXPIRATION */
 	case NFTNL_SET_ELEM_USERDATA:	/* NFTA_SET_ELEM_USERDATA */
+		xfree(s->user.data);
 		break;
 	case NFTNL_SET_ELEM_EXPR:
 		if (s->flags & (1 << NFTNL_SET_ELEM_EXPR)) {
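Review bot: same fall-through problem in nftnl_set_elem_unset(): xfree(s->user.data) is reached for NFTNL_SET_ELEM_TIMEOUT and NFTNL_SET_ELEM_EXPIRATION as well, because all three labels share the one body before the break. Split NFTNL_SET_ELEM_USERDATA into a separate case that frees the buffer and breaks, the way the NFTNL_SET_ELEM_EXPR case below it has its own body. The pointer is also left as-is after the free in the visible lines, so setting s->user.data to NULL there is worth adding. The commit message has only the Signed-off-by line; a sentence saying which allocation leaked and on which path would help the next reader.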