diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-06-23 13:09:53 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-06-23 13:31:09 +0200 |
commit | c69cc1c3cf24d30d92d4bcc9c7eba2d89ebb5766 (patch) | |
tree | 1303b8a4360cbf39b7fc2e8d55aafb68c088bd56 /src | |
parent | fea6a0a60c8cd6ba49cf3b85b4ad08a9028a1bab (diff) |
parser_bison: string memleak in YYERROR path
Release dynamically allocated string by lex from the YYERROR path, e.g.
# cat test.nft
table x {
map test {
type ipv4_addr . foo . inet_service : ipv4_addr . inet_service
}
}
# nft -f test.nft
test.nft:3:20-22: Error: unknown datatype foo
type ipv4_addr . foo . inet_service : ipv4_addr . inet_service
^^^
test.nft:6-9: Error: set definition does not specify key
map test {
^^^^
==29692==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 5 byte(s) in 1 object(s) allocated from:
#0 0x7f6c869e8810 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
#1 0x7f6c8637f63a in xstrdup /home/test/nftables/src/utils.c:85
#2 0x7f6c8648a4d3 in nft_lex /home/test/nftables/src/scanner.l:740
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/parser_bison.y | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y index c31cc4e7..e405c80a 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -972,6 +972,7 @@ common_block : INCLUDE QUOTED_STRING stmt_separator if (symbol_unbind(scope, $2) < 0) { erec_queue(error(&@2, "undefined symbol '%s'", $2), state->msgs); + xfree($2); YYERROR; } xfree($2); @@ -2162,6 +2163,7 @@ data_type_atom_expr : type_identifier if (dtype == NULL) { erec_queue(error(&@1, "unknown datatype %s", $1), state->msgs); + xfree($1); YYERROR; } $$ = constant_expr_alloc(&@1, dtype, dtype->byteorder, @@ -2717,6 +2719,7 @@ comment_spec : COMMENT string erec_queue(error(&@2, "comment too long, %d characters maximum allowed", NFTNL_UDATA_COMMENT_MAXLEN), state->msgs); + xfree($2); YYERROR; } $$ = $2; |