diff options
author | Phil Sutter <phil@nwl.cc> | 2020-01-20 13:52:10 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-01-22 09:01:01 +0100 |
commit | c3f6be3f2dcedf6d79751c0b975315ebc3184364 (patch) | |
tree | e13293160700b210d550a444e08462d4ca5d35fe | |
parent | db5d7dc2bd113dd9c15e83b2e59cb3e4d54c922b (diff) |
netlink: Fix leak in unterminated string deserializer
Allocated 'mask' expression is not freed before returning to caller,
although it is used temporarily only.
Fixes: b851ba4731d9f ("src: add interface wildcard matching")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/netlink_delinearize.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 154353b8..06a0312b 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -2030,7 +2030,7 @@ static bool __expr_postprocess_string(struct expr **exprp) static struct expr *expr_postprocess_string(struct expr *expr) { - struct expr *mask; + struct expr *mask, *out; assert(expr_basetype(expr)->type == TYPE_STRING); if (__expr_postprocess_string(&expr)) @@ -2040,7 +2040,9 @@ static struct expr *expr_postprocess_string(struct expr *expr) BYTEORDER_HOST_ENDIAN, expr->len + BITS_PER_BYTE, NULL); mpz_init_bitmask(mask->value, expr->len); - return string_wildcard_expr_alloc(&expr->location, mask, expr); + out = string_wildcard_expr_alloc(&expr->location, mask, expr); + expr_free(mask); + return out; } static void expr_postprocess(struct rule_pp_ctx *ctx, struct expr **exprp) |