diff options
| author | Phil Sutter <phil@nwl.cc> | 2022-12-20 15:29:57 +0100 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2022-12-21 17:50:32 +0100 |
| commit | a6ec82b4fb95ba9321e244a5251cf67b794c6ae0 (patch) | |
| tree | af57e7fee7982e916420ff7ca7df115d4a38e1ed | |
| parent | 25deaa3adacb81c2c6c8b04572f09aa7d6491abe (diff) | |
conntrack: Sanitize free_tmpl_objects()
The function unconditionally dereferenced its parameter, yet it is
possible for the passed 'cur_tmpl' pointer when called from exit_error()
to be still NULL: It is assigned to by alloc_tmpl_objects() at start of
do_parse(), though callers of that function might call exit_error() in
beforehand.
Fixes: 258b4540f4512 ("conntrack: add struct ct_tmpl")
Signed-off-by: Phil Sutter <phil@nwl.cc>
| -rw-r--r-- | src/conntrack.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/conntrack.c b/src/conntrack.c index 2bd71e1..23eaf27 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -139,6 +139,8 @@ static int alloc_tmpl_objects(struct ct_tmpl *tmpl) static void free_tmpl_objects(struct ct_tmpl *tmpl) { + if (!tmpl) + return; if (tmpl->ct) nfct_destroy(tmpl->ct); if (tmpl->exptuple) |