diff options
| author | Phil Sutter <phil@nwl.cc> | 2020-05-05 13:41:43 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2020-05-11 14:28:29 +0200 |
| commit | bbf0db5057fd39c793ab88efd7daa1fa4347cec2 (patch) | |
| tree | 92600a5db10f678ed65154ed88dc7743fa7203a9 /iptables | |
| parent | 5fdb447fdfe877bd6236830b4a2507d4d61bc1a1 (diff) | |
nft: Fix leak when deleting rules
For NFT_COMPAT_RULE_DELETE jobs, batch_obj_del() has to do the rule
freeing, they are no longer in cache.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/nft.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index c0b5e2fc..01268f78 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -2680,8 +2680,8 @@ static void batch_obj_del(struct nft_handle *h, struct obj_update *o) case NFT_COMPAT_RULE_APPEND: case NFT_COMPAT_RULE_INSERT: case NFT_COMPAT_RULE_REPLACE: - case NFT_COMPAT_RULE_DELETE: break; + case NFT_COMPAT_RULE_DELETE: case NFT_COMPAT_RULE_FLUSH: nftnl_rule_free(o->rule); break; |