diff options
| author | Phil Sutter <phil@nwl.cc> | 2019-02-26 22:13:38 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-02-27 11:25:14 +0100 |
| commit | a0da4c5bbf0d741fb815a977c945afe1b9a0739f (patch) | |
| tree | 6bf8181a0b7ae27f1467f4d8e2153b97dc782844 /src | |
| parent | ddf8036a155613a29603abfe115060ad4c23ef17 (diff) | |
libnftables: Print errors before freeing commands
Commands may contain data printed by an error record, so make sure
cmd_free() is not called before erec_print_list() has returned.
Fixes: 778de37d82e7b ("libnftables: Keep cmds list outside of parser_state")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/libnftables.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/libnftables.c b/src/libnftables.c index bd79cd60..2271d270 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -398,11 +398,11 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf) if (nft_netlink(nft, &cmds, &msgs, nft->nf_sock) != 0) rc = -1; err: + erec_print_list(&nft->output, &msgs, nft->debug_mask); list_for_each_entry_safe(cmd, next, &cmds, list) { list_del(&cmd->list); cmd_free(cmd); } - erec_print_list(&nft->output, &msgs, nft->debug_mask); iface_cache_release(); if (nft->scanner) { scanner_destroy(nft->scanner); @@ -442,11 +442,11 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename) if (nft_netlink(nft, &cmds, &msgs, nft->nf_sock) != 0) rc = -1; err: + erec_print_list(&nft->output, &msgs, nft->debug_mask); list_for_each_entry_safe(cmd, next, &cmds, list) { list_del(&cmd->list); cmd_free(cmd); } - erec_print_list(&nft->output, &msgs, nft->debug_mask); iface_cache_release(); if (nft->scanner) { scanner_destroy(nft->scanner); |