path: root/iptables/nft-shared.c
diff options
authorPhil Sutter <>2018-08-23 17:43:27 +0200
committerPablo Neira Ayuso <>2018-08-24 10:05:51 +0200
commit783e9c2308e0c6a53482482cf7a6c75c975e23be (patch)
tree6be4629e91bda86100ca592ca31648156e49b45f /iptables/nft-shared.c
parent9771d067ef349460a3ea138370432d355da26ba8 (diff)
xtables: Add missing deinitialization
These fix reports for definitely lost blocks in valgrind. Not really memleaks, but due to nft_handle going out of scope they're counted as lost. Still worth fixing though since it reduces noise when auditing code for real issues. Signed-off-by: Phil Sutter <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/nft-shared.c')
1 files changed, 2 insertions, 0 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index 62a57dd5..4557f17d 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -682,6 +682,8 @@ void nft_rule_to_iptables_command_state(const struct nftnl_rule *r,
void nft_clear_iptables_command_state(struct iptables_command_state *cs)
+ if (cs->target)
+ free(cs->target->t);
void print_header(unsigned int format, const char *chain, const char *pol,