author | Florian Westphal <fw@strlen.de> | 2019-04-23 13:18:05 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2019-05-01 18:30:23 +0200 |
commit | 99afd62d48f4c510bdb4076eb9d811c001ad1cac (patch) | |
tree | 357ca010a4400db91647dc62e4f4cea02f9f96fa | |
parent | eccd81cff0fb8b990d53343fff26b021039fff30 (diff) |
src: fix double free on xt stmt destruction
'nft monitor' dies with:
*** Error in `/sbin/nft': double free or corruption (fasttop): 0x000055f8ba57b750 ***
... when the iptables-nft test suite is running in parallel, because
xfree(stmt->xt.name) gets called twice.
Fixes: 4ac11b890fe870 ("src: missing destroy function in statement definitions")
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | include/xt.h | 2 | ||||
-rw-r--r-- | src/statement.c | 6 | ||||
-rw-r--r-- | src/xt.c | 2 |
3 files changed, 2 insertions, 8 deletions
diff --git a/include/xt.h b/include/xt.h
index ab59bb3d..9fc51508 100644
--- a/include/xt.h
+++ b/include/xt.h
@@ -9,7 +9,7 @@ struct rule;
 struct output_ctx;
 void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx);
-void xt_stmt_release(const struct stmt *stmt);
+void xt_stmt_destroy(struct stmt *stmt);
 void netlink_parse_target(struct netlink_parse_ctx *ctx,
 const struct location *loc,
diff --git a/src/statement.c b/src/statement.c
index b2370f87..7f9c10b3 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -866,12 +866,6 @@ static void xt_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
 xt_stmt_xlate(stmt, octx);
 }
-static void xt_stmt_destroy(struct stmt *stmt)
-{
- xfree(stmt->xt.name);
- xt_stmt_release(stmt);
-}
-
 static const struct stmt_ops xt_stmt_ops = {
 .type = STMT_XT,
 .name = "xt",
@@ -78,7 +78,7 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
 #endif
 }
-void xt_stmt_release(const struct stmt *stmt)
+void xt_stmt_destroy(struct stmt *stmt)
 {
 #ifdef HAVE_LIBXTABLES
 switch (stmt->xt.type) {
 |
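Review bot: The renamed prototype `void xt_stmt_destroy(struct stmt *stmt);` in include/xt.h says nothing about what the function frees. The wrapper removed from src/statement.c freed `stmt->xt.name` before calling the old function, so a stated ownership contract here would have made that duplicate visible. A comment above the declaration would record it, for example `/* Destroy hook for xt statements: releases the xt state owned by stmt, including stmt->xt.name; callers must not free it themselves. */`. That the function frees the name is inferred from the commit message, since its body is not part of this diff.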
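Review bot: In the last hunk (src/xt.c, going by the diffstat), the body of `xt_stmt_destroy()` opens with `#ifdef HAVE_LIBXTABLES` and continues past the end of the hunk, so it is not visible whether the remaining `xfree(stmt->xt.name)` sits inside or outside that conditional. The wrapper removed from src/statement.c freed the name unconditionally. If the surviving free is inside the `#ifdef`, a build without libxtables would leak the name where it previously freed it. This is worth confirming against the full function. A short comment next to that free, such as `/* only place xt.name is released; do not free it in callers */`, would help keep the duplicate from returning.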