diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-11-14 15:19:03 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-11-18 13:59:47 +0100 |
commit | 3cf788a720b30530ca0fe86d40e2e86139e7d48c (patch) | |
tree | 9e70cf0787df8e3d7e2aac5d1fa64f29e2304c44 /src/expr/match.c | |
parent | 989b793a3bf689757b2b8f08a1c264743d75fa0f (diff) |
expr: fix leak in target and match expressions
Release internal data area for match and target expressions.
==30104== 68 bytes in 1 blocks are definitely lost in loss record 1 of 1
==30104== at 0x4C2B514: calloc (vg_replace_malloc.c:593)
==30104== by 0x400C2F: main (nft-expr_match-test.c:65)
Reported-by: Ana Rey Botello <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expr/match.c')
-rw-r--r-- | src/expr/match.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/expr/match.c b/src/expr/match.c index db2b987..5d02ee7 100644 --- a/src/expr/match.c +++ b/src/expr/match.c @@ -258,10 +258,18 @@ nft_rule_expr_match_snprintf(char *buf, size_t len, uint32_t type, return -1; } +static void nft_rule_expr_match_free(struct nft_rule_expr *e) +{ + struct nft_expr_match *match = nft_expr_data(e); + + xfree(match->data); +} + struct expr_ops expr_ops_match = { .name = "match", .alloc_len = sizeof(struct nft_expr_match), .max_attr = NFTA_MATCH_MAX, + .free = nft_rule_expr_match_free, .set = nft_rule_expr_match_set, .get = nft_rule_expr_match_get, .parse = nft_rule_expr_match_parse, |