summaryrefslogtreecommitdiffstats
path: root/src/libnftables.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2019-03-15 11:31:50 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2019-03-15 17:14:03 +0100
commit10e19428a5ef9568d9d1ba88f9158eaa0a161cb3 (patch)
tree3b85b62f7d5153f4dcd78a66d71c999268478255 /src/libnftables.c
parentd3cace26609253a8e3f20aeb8693f37d63897a7e (diff)
src: file descriptor leak in include_file()
File that contains the ruleset is never closed, track open files through the nft_ctx object and close them accordingly. Reported-by: Václav Zindulka <vaclav.zindulka@tlapnet.cz> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/libnftables.c')
-rw-r--r--src/libnftables.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/libnftables.c b/src/libnftables.c
index 2271d270..199dbc97 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -364,7 +364,7 @@ static int nft_parse_bison_filename(struct nft_ctx *nft, const char *filename,
parser_init(nft, nft->state, msgs, cmds);
nft->scanner = scanner_init(nft->state);
- if (scanner_read_file(nft->scanner, filename, &internal_location) < 0)
+ if (scanner_read_file(nft, filename, &internal_location) < 0)
return -1;
ret = nft_parse(nft, nft->scanner, nft->state);
@@ -405,7 +405,7 @@ err:
}
iface_cache_release();
if (nft->scanner) {
- scanner_destroy(nft->scanner);
+ scanner_destroy(nft);
nft->scanner = NULL;
}
free(nlbuf);
@@ -449,7 +449,7 @@ err:
}
iface_cache_release();
if (nft->scanner) {
- scanner_destroy(nft->scanner);
+ scanner_destroy(nft);
nft->scanner = NULL;
}