[nft,2/2] Avoid a memleak with 'reset rules' command

Message ID 20230320134659.13731-2-phil@nwl.cc
State Accepted
Delegated to: Pablo Neira
Series [nft,1/2] Reduce signature of do_list_table()

Commit Message

Phil Sutter March 20, 2023, 1:46 p.m. UTC
Like other 'reset' commands, 'reset rules' also lists the (part of the)
ruleset which was affected to give users a chance to store the zeroed
values. Therefore do_command_reset() calls do_command_list(). This in
turn calls do_list_ruleset() for CMD_OBJ_RULES which wasn't prepared for
values stored in cmd->handle other than a possible family value and thus
freely reused the pointers as scratch area for the do_list_table() call
which in the past fetched each table's data directly from kernel.

Meanwhile ruleset listing code has been integrated into the common
caching logic, the 'cmd' pointer became unused by do_list_table(). The
temporary cmd->handle manipulation is not needed anymore, dropping it
prevents a memleak caused by overwriting of allocated table name
pointer.

Fixes: 1694df2de79f3 ("Implement 'reset rule' and 'reset rules' commands")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 src/rule.c | 5 -----
 1 file changed, 5 deletions(-)
Patch

diff --git a/src/rule.c b/src/rule.c
index fadd7670d97a2..06042239c8437 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -2184,15 +2184,10 @@  static int do_list_ruleset(struct netlink_ctx *ctx, struct cmd *cmd)
 		    table->handle.family != family)
 			continue;
 
-		cmd->handle.family = table->handle.family;
-		cmd->handle.table.name = table->handle.table.name;
-
 		if (do_list_table(ctx, table) < 0)
 			return -1;
 	}
 
-	cmd->handle.table.name = NULL;
-
 	return 0;
 }
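
Review bot: The deletions in do_list_ruleset() (the two `cmd->handle` assignments inside the loop and the trailing `cmd->handle.table.name = NULL;`) come without a regression test; the diffstat touches only src/rule.c. A test case that runs 'reset rules' with a table name given, executed under a leak checker, would keep the overwritten-pointer leak described in the commit message from coming back unnoticed. Since the `cmd->handle.family` assignment is dropped along with the table name one, the commit message could also state that nothing running after do_list_ruleset() relied on the family value the loop used to leave behind in `cmd->handle`.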