From aaed1b68cba7fe78fca42b9fc774b3b6887eff51 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Thu, 2 Aug 2018 17:05:24 +0200 Subject: arptables: Fix memleaks in do_commandarp() The function did not free memory allocated in parse_hostnetworkmask() and command_jump(). To fix the latter, code was aligned a bit more with xtables.c (especially opts handling). Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal --- iptables/xtables-arp.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) (limited to 'iptables/xtables-arp.c') diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c index ce9e618b..4e291809 100644 --- a/iptables/xtables-arp.c +++ b/iptables/xtables-arp.c @@ -149,8 +149,7 @@ static struct option original_opts[] = { int RUNTIME_NF_ARP_NUMHOOKS = 3; -static struct option *opts = original_opts; -static unsigned int global_option_offset; +#define opts xt_params->opts extern void xtables_exit_error(enum xtables_exittype status, const char *msg, ...) __attribute__((noreturn, format(printf,2,3))); struct xtables_globals arptables_globals = { @@ -947,11 +946,6 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) int ret = 1; struct xtables_target *t; - opts = original_opts; - global_option_offset = 0; - - xtables_globals.orig_opts = original_opts; - /* re-set optind to 0 in case do_command gets called * a second time */ optind = 0; @@ -965,6 +959,7 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) demand-load a protocol. */ opterr = 0; + opts = xt_params->orig_opts; while ((c = getopt_long(argc, argv, "-A:D:R:I:L::M:F::Z::N:X::E:P:Vh::o:p:s:d:j:l:i:vnt:m:c:", opts, NULL)) != -1) { @@ -1471,6 +1466,16 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) exit_tryhelp(2); } + if (nsaddrs) + free(saddrs); + if (ndaddrs) + free(daddrs); + + if (cs.target) + free(cs.target->t); + + xtables_free_opts(1); + /* if (verbose > 1) dump_entries(*handle);*/ -- cgit v1.2.3