From b3b7eb6ce8773bcc76f603ebb0e606001894da34 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 6 May 2020 12:27:49 +0200
Subject: arptables: Fix leak in nft_arp_print_rule()

The function missed to clear struct iptables_command_state again after
use.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 iptables/nft-arp.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'iptables')

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index e9a2d9de..9a831efd 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -604,6 +604,8 @@ nft_arp_print_rule(struct nft_handle *h, struct nftnl_rule *r,
 
 	if (!(format & FMT_NONEWLINE))
 		fputc('\n', stdout);
+
+	nft_clear_iptables_command_state(&cs);
 }
 
 static bool nft_arp_is_same(const void *data_a,
-- 
cgit v1.2.3