@@ -972,6 +972,7 @@ common_block : INCLUDE QUOTED_STRING stmt_separator
if (symbol_unbind(scope, $2) < 0) {
erec_queue(error(&@2, "undefined symbol '%s'", $2),
state->msgs);
+ xfree($2);
YYERROR;
}
xfree($2);
@@ -2162,6 +2163,7 @@ data_type_atom_expr : type_identifier
if (dtype == NULL) {
erec_queue(error(&@1, "unknown datatype %s", $1),
state->msgs);
+ xfree($1);
YYERROR;
}
$$ = constant_expr_alloc(&@1, dtype, dtype->byteorder,
@@ -2717,6 +2719,7 @@ comment_spec : COMMENT string
erec_queue(error(&@2, "comment too long, %d characters maximum allowed",
NFTNL_UDATA_COMMENT_MAXLEN),
state->msgs);
+ xfree($2);
YYERROR;
}
$$ = $2;
Release dynamically allocated string by lex from the YYERROR path, e.g. # cat test.nft table x { map test { type ipv4_addr . foo . inet_service : ipv4_addr . inet_service } } # nft -f test.nft test.nft:3:20-22: Error: unknown datatype foo type ipv4_addr . foo . inet_service : ipv4_addr . inet_service ^^^ test.nft:6-9: Error: set definition does not specify key map test { ^^^^ ==29692==ERROR: LeakSanitizer: detected memory leaks Direct leak of 5 byte(s) in 1 object(s) allocated from: #0 0x7f6c869e8810 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x3a810) #1 0x7f6c8637f63a in xstrdup /home/test/nftables/src/utils.c:85 #2 0x7f6c8648a4d3 in nft_lex /home/test/nftables/src/scanner.l:740 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- Supersedes: https://patchwork.ozlabs.org/project/netfilter-devel/patch/20210623111249.30742-1-pablo@netfilter.org/ src/parser_bison.y | 3 +++ 1 file changed, 3 insertions(+)