| Message ID | 20210602152403.5689-5-phil@nwl.cc |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | Fix a bunch of static analyzer warnings | expand |
diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c index f2b935c57dab4..c3f6c14e0b99e 100644 --- a/iptables/nft-cmd.c +++ b/iptables/nft-cmd.c @@ -35,8 +35,10 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command, if (state) { rule = nft_rule_new(h, chain, table, state); - if (!rule) + if (!rule) { + nft_cmd_free(cmd); return NULL; + } cmd->obj.rule = rule;
If rule allocation fails, free the allocated 'cmd' before returning to caller. Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands") Signed-off-by: Phil Sutter <phil@nwl.cc> --- iptables/nft-cmd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)