diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-15 11:31:50 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-15 17:14:03 +0100 |
commit | 10e19428a5ef9568d9d1ba88f9158eaa0a161cb3 (patch) | |
tree | 3b85b62f7d5153f4dcd78a66d71c999268478255 /include/parser.h | |
parent | d3cace26609253a8e3f20aeb8693f37d63897a7e (diff) |
src: file descriptor leak in include_file()
File that contains the ruleset is never closed, track open files through
the nft_ctx object and close them accordingly.
Reported-by: Václav Zindulka <vaclav.zindulka@tlapnet.cz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/parser.h')
-rw-r--r-- | include/parser.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/include/parser.h b/include/parser.h index ea41ca03..8e57899e 100644 --- a/include/parser.h +++ b/include/parser.h @@ -3,8 +3,8 @@ #include <list.h> #include <rule.h> // FIXME +#include <nftables.h> -#define MAX_INCLUDE_DEPTH 16 #define TABSIZE 8 #define YYLTYPE struct location @@ -36,9 +36,9 @@ extern void parser_init(struct nft_ctx *nft, struct parser_state *state, extern int nft_parse(struct nft_ctx *ctx, void *, struct parser_state *state); extern void *scanner_init(struct parser_state *state); -extern void scanner_destroy(void *scanner); +extern void scanner_destroy(struct nft_ctx *nft); -extern int scanner_read_file(void *scanner, const char *filename, +extern int scanner_read_file(struct nft_ctx *nft, const char *filename, const struct location *loc); extern int scanner_include_file(struct nft_ctx *ctx, void *scanner, const char *filename, |