diff mbox

iptables: missing free() in function delete_entry()

Message ID 20120308152041.7a789c4f@frequentis.com
State Accepted
Headers show

Commit Message

Christian Engelmayer March 8, 2012, 2:20 p.m. UTC 
From: Franz Flasch <franz.flasch@frequentis.com>

Fixed a memory leak in the dry run path of function delete_entry().

Signed-off-by: Franz Flasch <franz.flasch@frequentis.com>
Signed-off-by: Christian Engelmayer <christian.engelmayer@frequentis.com>
---

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Pablo Neira Ayuso March 12, 2012, 12:13 p.m. UTC | #1 
On Thu, Mar 08, 2012 at 03:20:41PM +0100, Christian Engelmayer wrote:
> From: Franz Flasch <franz.flasch@frequentis.com>
> 
> Fixed a memory leak in the dry run path of function delete_entry().

Applied, thanks.

For your notice: I have put these in the master branch to skip the
overhead of maintaining -stable for the little amount of changes we
have had this time.

Since linux 3.3 is approaching, expect a new iptables release soon.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

--- iptables-1.4.12.2/libiptc/libiptc.c	2012-01-02 18:19:09.000000000 +0100
+++ iptables-1.4.12.2-modified/libiptc/libiptc.c	2012-03-08 14:27:24.000000000 +0100
@@ -2001,8 +2001,10 @@  static int delete_entry(const IPT_CHAINL
 			continue;
 
 		/* if we are just doing a dry run, we simply skip the rest */
-		if (dry_run)
+		if (dry_run){
+			free(r);
 			return 1;
+		}
 
 		/* If we are about to delete the rule that is the
 		 * current iterator, move rule iterator back.  next