diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-15 11:31:50 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-03-15 17:14:03 +0100 |
commit | 10e19428a5ef9568d9d1ba88f9158eaa0a161cb3 (patch) | |
tree | 3b85b62f7d5153f4dcd78a66d71c999268478255 /src/libnftables.c | |
parent | d3cace26609253a8e3f20aeb8693f37d63897a7e (diff) |
src: file descriptor leak in include_file()
File that contains the ruleset is never closed, track open files through
the nft_ctx object and close them accordingly.
Reported-by: Václav Zindulka <vaclav.zindulka@tlapnet.cz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/libnftables.c')
-rw-r--r-- | src/libnftables.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/libnftables.c b/src/libnftables.c index 2271d270..199dbc97 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -364,7 +364,7 @@ static int nft_parse_bison_filename(struct nft_ctx *nft, const char *filename, parser_init(nft, nft->state, msgs, cmds); nft->scanner = scanner_init(nft->state); - if (scanner_read_file(nft->scanner, filename, &internal_location) < 0) + if (scanner_read_file(nft, filename, &internal_location) < 0) return -1; ret = nft_parse(nft, nft->scanner, nft->state); @@ -405,7 +405,7 @@ err: } iface_cache_release(); if (nft->scanner) { - scanner_destroy(nft->scanner); + scanner_destroy(nft); nft->scanner = NULL; } free(nlbuf); @@ -449,7 +449,7 @@ err: } iface_cache_release(); if (nft->scanner) { - scanner_destroy(nft->scanner); + scanner_destroy(nft); nft->scanner = NULL; } |