diff mbox series

[nft] rule: fix memleak in do_get_setelems()

Message ID 20181003141422.16054-1-pablo@netfilter.org
State Accepted
Delegated to: Pablo Neira
Headers show
Series [nft] rule: fix memleak in do_get_setelems() | expand

Commit Message

Pablo Neira Ayuso Oct. 3, 2018, 2:14 p.m. UTC 
Release set and elements in case of error.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/rule.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)
diff mbox series

Patch

diff --git a/src/rule.c b/src/rule.c
index e6d61b670688..6d027c261f97 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -2190,17 +2190,15 @@  static int do_get_setelems(struct netlink_ctx *ctx, struct cmd *cmd,
 	/* Fetch from kernel the elements that have been requested .*/
 	err = netlink_get_setelem(ctx, &cmd->handle, &cmd->location,
 				  table, new_set, init);
-	if (err < 0)
-		return err;
-
-	__do_list_set(ctx, cmd, table, new_set);
+	if (err >= 0)
+		__do_list_set(ctx, cmd, table, new_set);
 
 	if (set->flags & NFT_SET_INTERVAL)
 		expr_free(init);
 
 	set_free(new_set);
 
-	return 0;
+	return err;
 }
 
 static int do_command_get(struct netlink_ctx *ctx, struct cmd *cmd)