authorFlorian Westphal <>2019-04-23 13:18:05 +0200
committerFlorian Westphal <>2019-05-01 18:30:23 +0200
commit99afd62d48f4c510bdb4076eb9d811c001ad1cac (patch)
tree357ca010a4400db91647dc62e4f4cea02f9f96fa /include/xt.h
parenteccd81cff0fb8b990d53343fff26b021039fff30 (diff)
src: fix double free on xt stmt destruction
'nft monitor' dies with: *** Error in `/sbin/nft': double free or corruption (fasttop): 0x000055f8ba57b750 *** ... when the iptables-nft test suite is running in parallel, because xfree(stmt-> gets called twice. Fixes: 4ac11b890fe870 ("src: missing destroy function in statement definitions") Signed-off-by: Florian Westphal <> Acked-by: Pablo Neira Ayuso <>
diff --git a/include/xt.h b/include/xt.h
index ab59bb3d..9fc51508 100644
--- a/include/xt.h
+++ b/include/xt.h
@@ -9,7 +9,7 @@ struct rule;
struct output_ctx;
void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx);
-void xt_stmt_release(const struct stmt *stmt);
+void xt_stmt_destroy(struct stmt *stmt);
void netlink_parse_target(struct netlink_parse_ctx *ctx,
const struct location *loc,