diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-03-02 12:40:27 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-03-05 20:42:21 +0100 |
| commit | a5fd6b04c42b4f430399492695fd9e8545ee0fba (patch) | |
| tree | 44b32b53485dd66fb6e666c4682b33decc76c2c3 | |
| parent | 2cf79802834cf143dffb3d6a8044e1e11419e8ec (diff) | |
cache: memleak list of chain
Release chain list from the error path.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | src/rule.c | 39 |
1 files changed, 26 insertions, 13 deletions
@@ -170,32 +170,42 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags) if (flags & NFT_CACHE_SET_BIT) { ret = netlink_list_sets(ctx, &table->handle); list_splice_tail_init(&ctx->list, &table->sets); - if (ret < 0) - return -1; + if (ret < 0) { + ret = -1; + goto cache_fails; + } } if (flags & NFT_CACHE_SETELEM_BIT) { list_for_each_entry(set, &table->sets, list) { ret = netlink_list_setelems(ctx, &set->handle, set); - if (ret < 0) - return -1; + if (ret < 0) { + ret = -1; + goto cache_fails; + } } } if (flags & NFT_CACHE_CHAIN_BIT) { ret = chain_cache_init(ctx, table, chain_list); - if (ret < 0) - return -1; + if (ret < 0) { + ret = -1; + goto cache_fails; + } } if (flags & NFT_CACHE_FLOWTABLE_BIT) { ret = netlink_list_flowtables(ctx, &table->handle); - if (ret < 0) - return -1; + if (ret < 0) { + ret = -1; + goto cache_fails; + } list_splice_tail_init(&ctx->list, &table->flowtables); } if (flags & NFT_CACHE_OBJECT_BIT) { ret = netlink_list_objs(ctx, &table->handle); - if (ret < 0) - return -1; + if (ret < 0) { + ret = -1; + goto cache_fails; + } list_splice_tail_init(&ctx->list, &table->objs); } @@ -208,15 +218,18 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags) rule->handle.chain.name); list_move_tail(&rule->list, &chain->rules); } - if (ret < 0) - return -1; + if (ret < 0) { + ret = -1; + goto cache_fails; + } } } +cache_fails: if (flags & NFT_CACHE_CHAIN_BIT) nftnl_chain_list_free(chain_list); - return 0; + return ret; } static int cache_init(struct netlink_ctx *ctx, unsigned int flags) |