diff mbox series

[nft,2/2] evaluate: datatype memleak after binop transfer

Message ID 20221004234442.779257-2-pablo@netfilter.org
State Accepted
Delegated to: Pablo Neira
Headers show
Series [nft,1/2] evaluate: bogus datatype assertion in binary operation evaluation | expand

Commit Message

Pablo Neira Ayuso Oct. 4, 2022, 11:44 p.m. UTC 
The following ruleset:

	ip version vmap { 4 : jump t3, 6 : jump t4 }

results in a memleak.

expr_evaluate_shift() overrides the datatype which results in a datatype
memleak after the binop transfer that triggers a left-shift of the
constant (in the map).

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/evaluate.c | 1 -
 1 file changed, 1 deletion(-)
diff mbox series

Patch

diff --git a/src/evaluate.c b/src/evaluate.c
index 2e2b8df0f004..0bf6a0d1b110 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1189,7 +1189,6 @@  static int expr_evaluate_shift(struct eval_ctx *ctx, struct expr **expr)
 	if (byteorder_conversion(ctx, &op->right, BYTEORDER_HOST_ENDIAN) < 0)
 		return -1;
 
-	op->dtype     = &integer_type;
 	op->byteorder = BYTEORDER_HOST_ENDIAN;
 	op->len       = left->len;