From bc7b5e747f70d229ca5d5fb0709548a47e2830fc Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 21 Oct 2013 14:42:33 +0200
Subject: set_elem: fix access after free in case of parsing errors

If this fails to parse a set element, stop the processing.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/set_elem.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/set_elem.c b/src/set_elem.c
index 5bb82f6..5ef46f2 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -298,8 +298,10 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
 			break;
 		}
         }
-	if (ret < 0)
+	if (ret < 0) {
 		xfree(e);
+		return -1;
+	}
 
 	/* Add this new element to this set */
 	list_add_tail(&e->head, &s->element_list);
-- 
cgit v1.2.3