diff options
author | Alvaro Neira <alvaroneay@gmail.com> | 2015-03-02 19:59:38 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-03-03 00:27:42 +0100 |
commit | 9a509a5b1d0393af070b6be2a58b7986a6ae535e (patch) | |
tree | 5187d1430576fde5321b923b8d9768a759e3a29a | |
parent | 5dd19ef301a9c92beb470099df0a76e33a614173 (diff) |
ruleset: crash from error path when we build the xml/json tree
Fix crash when we try to release a tree that is not initialized.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/ruleset.c | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/src/ruleset.c b/src/ruleset.c index 280f1bc..c8747b6 100644 --- a/src/ruleset.c +++ b/src/ruleset.c @@ -542,12 +542,12 @@ static int nft_ruleset_json_parse(const void *json, root = nft_jansson_create_root(json, &error, err, input); if (root == NULL) - goto err; + goto err1; array = json_object_get(root, "nftables"); if (array == NULL) { errno = EINVAL; - goto err; + goto err2; } len = json_array_size(array); @@ -555,23 +555,24 @@ static int nft_ruleset_json_parse(const void *json, node = json_array_get(array, i); if (node == NULL) { errno = EINVAL; - goto err; + goto err2; } ctx.json = node; key = json_object_iter_key(json_object_iter(node)); if (key == NULL) - goto err; + goto err2; if (nft_ruleset_json_parse_cmd(key, err, &ctx) < 0) - goto err; + goto err2; } nft_set_list_free(ctx.set_list); nft_jansson_free_root(root); return 0; -err: - nft_set_list_free(ctx.set_list); +err2: nft_jansson_free_root(root); +err1: + nft_set_list_free(ctx.set_list); return -1; #else errno = EOPNOTSUPP; @@ -672,7 +673,7 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err, tree = nft_mxml_build_tree(xml, "nftables", err, input); if (tree == NULL) - goto err; + goto err1; ctx.xml = tree; @@ -680,16 +681,17 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err, while (nodecmd != NULL) { cmd = nodecmd->value.opaque; if (nft_ruleset_xml_parse_cmd(cmd, err, &ctx) < 0) - goto err; + goto err2; nodecmd = mxmlWalkNext(tree, tree, MXML_NO_DESCEND); } nft_set_list_free(ctx.set_list); mxmlDelete(tree); return 0; -err: - nft_set_list_free(ctx.set_list); +err2: mxmlDelete(tree); +err1: + nft_set_list_free(ctx.set_list); return -1; #else errno = EOPNOTSUPP; |