diff options
| -rw-r--r-- | include/nft.h | 6 | ||||
| -rw-r--r-- | src/ct.c | 2 | ||||
| -rw-r--r-- | src/datatype.c | 8 | ||||
| -rw-r--r-- | src/evaluate.c | 8 | ||||
| -rw-r--r-- | src/expression.c | 4 | ||||
| -rw-r--r-- | src/libnftables.c | 12 | ||||
| -rw-r--r-- | src/mnl.c | 12 | ||||
| -rw-r--r-- | src/optimize.c | 2 | ||||
| -rw-r--r-- | src/parser_bison.y | 144 | ||||
| -rw-r--r-- | src/rule.c | 36 | ||||
| -rw-r--r-- | src/scanner.l | 4 | ||||
| -rw-r--r-- | src/statement.c | 2 | ||||
| -rw-r--r-- | src/xt.c | 2 |
13 files changed, 124 insertions, 118 deletions
diff --git a/include/nft.h b/include/nft.h index 3c894e5b..a2d62dbf 100644 --- a/include/nft.h +++ b/include/nft.h @@ -9,4 +9,10 @@ #include <stdlib.h> #include <string.h> +/* Just free(), but casts to a (void*). This is for places where + * we have a const pointer that we know we want to free. We could just + * do the (void*) cast, but free_const() makes it clear that this is + * something we frequently need to do and it's intentional. */ +#define free_const(ptr) free((void *)(ptr)) + #endif /* NFTABLES_NFT_H */ @@ -570,7 +570,7 @@ static void flow_offload_stmt_print(const struct stmt *stmt, static void flow_offload_stmt_destroy(struct stmt *stmt) { - xfree(stmt->flow.table_name); + free_const(stmt->flow.table_name); } static const struct stmt_ops flow_offload_stmt_ops = { diff --git a/src/datatype.c b/src/datatype.c index 63627358..ca251138 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -908,8 +908,8 @@ void rt_symbol_table_free(const struct symbol_table *tbl) const struct symbolic_constant *s; for (s = tbl->symbols; s->identifier != NULL; s++) - xfree(s->identifier); - xfree(tbl); + free_const(s->identifier); + free_const(tbl); } void mark_table_init(struct nft_ctx *ctx) @@ -1266,8 +1266,8 @@ void datatype_free(const struct datatype *ptr) if (--dtype->refcnt > 0) return; - xfree(dtype->name); - xfree(dtype->desc); + free_const(dtype->name); + free_const(dtype->desc); xfree(dtype); } diff --git a/src/evaluate.c b/src/evaluate.c index ba6aa300..a2cb4dda 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -4027,7 +4027,7 @@ static int stmt_evaluate_chain(struct eval_ctx *ctx, struct stmt *stmt) memset(&h, 0, sizeof(h)); handle_merge(&h, &chain->handle); h.family = ctx->rule->handle.family; - xfree(h.table.name); + free_const(h.table.name); h.table.name = xstrdup(ctx->rule->handle.table.name); h.chain.location = stmt->location; h.chain_id = chain->handle.chain_id; @@ -4047,9 +4047,9 @@ static int stmt_evaluate_chain(struct eval_ctx *ctx, struct stmt *stmt) struct handle h2 = {}; handle_merge(&rule->handle, &ctx->rule->handle); - xfree(rule->handle.table.name); + free_const(rule->handle.table.name); rule->handle.table.name = xstrdup(ctx->rule->handle.table.name); - xfree(rule->handle.chain.name); + free_const(rule->handle.chain.name); rule->handle.chain.name = NULL; rule->handle.chain_id = chain->handle.chain_id; if (rule_evaluate(&rule_ctx, rule, CMD_INVALID) < 0) @@ -5152,7 +5152,7 @@ static int ct_timeout_evaluate(struct eval_ctx *ctx, struct obj *obj) ct->timeout[ts->timeout_index] = ts->timeout_value; list_del(&ts->head); - xfree(ts->timeout_str); + free_const(ts->timeout_str); xfree(ts); } diff --git a/src/expression.c b/src/expression.c index a21dfec2..0b4a537a 100644 --- a/src/expression.c +++ b/src/expression.c @@ -314,7 +314,7 @@ static void symbol_expr_clone(struct expr *new, const struct expr *expr) static void symbol_expr_destroy(struct expr *expr) { - xfree(expr->identifier); + free_const(expr->identifier); } static const struct expr_ops symbol_expr_ops = { @@ -1335,7 +1335,7 @@ static void set_elem_expr_destroy(struct expr *expr) { struct stmt *stmt, *next; - xfree(expr->comment); + free_const(expr->comment); expr_free(expr->key); list_for_each_entry_safe(stmt, next, &expr->stmt_list, list) stmt_free(stmt); diff --git a/src/libnftables.c b/src/libnftables.c index 41f54c0c..866b5c6b 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -154,8 +154,8 @@ void nft_ctx_clear_vars(struct nft_ctx *ctx) unsigned int i; for (i = 0; i < ctx->num_vars; i++) { - xfree(ctx->vars[i].key); - xfree(ctx->vars[i].value); + free_const(ctx->vars[i].key); + free_const(ctx->vars[i].value); } ctx->num_vars = 0; xfree(ctx->vars); @@ -743,12 +743,12 @@ err: list_for_each_entry_safe(indesc, next, &nft->vars_ctx.indesc_list, list) { if (indesc->name) - xfree(indesc->name); + free_const(indesc->name); xfree(indesc); } } - xfree(nft->vars_ctx.buf); + free_const(nft->vars_ctx.buf); if (!rc && nft_output_json(&nft->output) && @@ -799,12 +799,12 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename) if (nft->optimize_flags) { ret = nft_run_optimized_file(nft, filename); - xfree(nft->stdin_buf); + free_const(nft->stdin_buf); return ret; } ret = __nft_run_cmd_from_filename(nft, filename); - xfree(nft->stdin_buf); + free_const(nft->stdin_buf); return ret; } @@ -776,9 +776,9 @@ static void nft_dev_array_free(const struct nft_dev *dev_array) int i = 0; while (dev_array[i].ifname != NULL) - xfree(dev_array[i++].ifname); + free_const(dev_array[i++].ifname); - xfree(dev_array); + free_const(dev_array); } static void mnl_nft_chain_devs_build(struct nlmsghdr *nlh, struct cmd *cmd) @@ -2175,10 +2175,10 @@ static struct basehook *basehook_alloc(void) static void basehook_free(struct basehook *b) { list_del(&b->list); - xfree(b->module_name); - xfree(b->hookfn); - xfree(b->chain); - xfree(b->table); + free_const(b->module_name); + free_const(b->hookfn); + free_const(b->chain); + free_const(b->table); xfree(b); } diff --git a/src/optimize.c b/src/optimize.c index 27e0ffe1..9ae9283d 100644 --- a/src/optimize.c +++ b/src/optimize.c @@ -1194,7 +1194,7 @@ static void merge_rules(const struct optimize_ctx *ctx, } if (ctx->rule[from]->comment) { - xfree(ctx->rule[from]->comment); + free_const(ctx->rule[from]->comment); ctx->rule[from]->comment = NULL; } diff --git a/src/parser_bison.y b/src/parser_bison.y index 9bfc3cdb..fdbf307a 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -154,13 +154,13 @@ static struct expr *ifname_expr_alloc(const struct location *location, struct expr *expr; if (length == 0) { - xfree(name); + free_const(name); erec_queue(error(location, "empty interface name"), queue); return NULL; } if (length >= IFNAMSIZ) { - xfree(name); + free_const(name); erec_queue(error(location, "interface name too long"), queue); return NULL; } @@ -168,7 +168,7 @@ static struct expr *ifname_expr_alloc(const struct location *location, expr = constant_expr_alloc(location, &ifname_type, BYTEORDER_HOST_ENDIAN, length * BITS_PER_BYTE, name); - xfree(name); + free_const(name); return expr; } @@ -358,7 +358,7 @@ int nft_lex(void *, void *, void *); %token <string> STRING "string" %token <string> QUOTED_STRING "quoted string" %token <string> ASTERISK_STRING "string with a trailing asterisk" -%destructor { xfree($$); } STRING QUOTED_STRING ASTERISK_STRING +%destructor { free_const($$); } STRING QUOTED_STRING ASTERISK_STRING %token LL_HDR "ll" %token NETWORK_HDR "nh" @@ -674,7 +674,7 @@ int nft_lex(void *, void *, void *); %type <limit_rate> limit_rate_bytes %type <string> identifier type_identifier string comment_spec -%destructor { xfree($$); } identifier type_identifier string comment_spec +%destructor { free_const($$); } identifier type_identifier string comment_spec %type <val> time_spec time_spec_or_num_s quota_used @@ -709,7 +709,7 @@ int nft_lex(void *, void *, void *); %type <val32> int_num chain_policy %type <prio_spec> extended_prio_spec prio_spec %type <string> extended_prio_name quota_unit basehook_device_name -%destructor { xfree($$); } extended_prio_name quota_unit basehook_device_name +%destructor { free_const($$); } extended_prio_name quota_unit basehook_device_name %type <expr> dev_spec %destructor { xfree($$); } dev_spec @@ -928,7 +928,7 @@ int nft_lex(void *, void *, void *); %type <val> markup_format %type <string> monitor_event -%destructor { xfree($$); } monitor_event +%destructor { free_const($$); } monitor_event %type <val> monitor_object monitor_format %type <val> synproxy_ts synproxy_sack @@ -1053,10 +1053,10 @@ close_scope_xt : { scanner_pop_start_cond(nft->scanner, PARSER_SC_XT); } common_block : INCLUDE QUOTED_STRING stmt_separator { if (scanner_include_file(nft, scanner, $2, &@$) < 0) { - xfree($2); + free_const($2); YYERROR; } - xfree($2); + free_const($2); } | DEFINE identifier '=' initializer_expr stmt_separator { @@ -1066,19 +1066,19 @@ common_block : INCLUDE QUOTED_STRING stmt_separator erec_queue(error(&@2, "redefinition of symbol '%s'", $2), state->msgs); expr_free($4); - xfree($2); + free_const($2); YYERROR; } symbol_bind(scope, $2, $4); - xfree($2); + free_const($2); } | REDEFINE identifier '=' initializer_expr stmt_separator { struct scope *scope = current_scope(state); symbol_bind(scope, $2, $4); - xfree($2); + free_const($2); } | UNDEFINE identifier stmt_separator { @@ -1087,10 +1087,10 @@ common_block : INCLUDE QUOTED_STRING stmt_separator if (symbol_unbind(scope, $2) < 0) { erec_queue(error(&@2, "undefined symbol '%s'", $2), state->msgs); - xfree($2); + free_const($2); YYERROR; } - xfree($2); + free_const($2); } | error stmt_separator { @@ -1879,21 +1879,21 @@ table_options : FLAGS STRING { if (strcmp($2, "dormant") == 0) { $<table>0->flags |= TABLE_F_DORMANT; - xfree($2); + free_const($2); } else if (strcmp($2, "owner") == 0) { $<table>0->flags |= TABLE_F_OWNER; - xfree($2); + free_const($2); } else { erec_queue(error(&@2, "unknown table option %s", $2), state->msgs); - xfree($2); + free_const($2); YYERROR; } } | comment_spec { if (already_set($<table>0->comment, &@$, state)) { - xfree($1); + free_const($1); YYERROR; } $<table>0->comment = $1; @@ -2064,7 +2064,7 @@ chain_block : /* empty */ { $$ = $<chain>-1; } | chain_block comment_spec stmt_separator { if (already_set($1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $1->comment = $2; @@ -2190,7 +2190,7 @@ set_block : /* empty */ { $$ = $<set>-1; } | set_block comment_spec stmt_separator { if (already_set($1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $1->comment = $2; @@ -2307,7 +2307,7 @@ map_block : /* empty */ { $$ = $<set>-1; } | map_block comment_spec stmt_separator { if (already_set($1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $1->comment = $2; @@ -2346,10 +2346,10 @@ flowtable_block : /* empty */ { $$ = $<flowtable>-1; } if ($$->hook.name == NULL) { erec_queue(error(&@3, "unknown chain hook"), state->msgs); - xfree($3); + free_const($3); YYERROR; } - xfree($3); + free_const($3); $$->priority = $4; } @@ -2423,12 +2423,12 @@ data_type_atom_expr : type_identifier if (dtype == NULL) { erec_queue(error(&@1, "unknown datatype %s", $1), state->msgs); - xfree($1); + free_const($1); YYERROR; } $$ = constant_expr_alloc(&@1, dtype, dtype->byteorder, dtype->size, NULL); - xfree($1); + free_const($1); } | TIME { @@ -2465,7 +2465,7 @@ counter_block : /* empty */ { $$ = $<obj>-1; } | counter_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2482,7 +2482,7 @@ quota_block : /* empty */ { $$ = $<obj>-1; } | quota_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2499,7 +2499,7 @@ ct_helper_block : /* empty */ { $$ = $<obj>-1; } | ct_helper_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2520,7 +2520,7 @@ ct_timeout_block : /*empty */ | ct_timeout_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2537,7 +2537,7 @@ ct_expect_block : /*empty */ { $$ = $<obj>-1; } | ct_expect_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2554,7 +2554,7 @@ limit_block : /* empty */ { $$ = $<obj>-1; } | limit_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2571,7 +2571,7 @@ secmark_block : /* empty */ { $$ = $<obj>-1; } | secmark_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2588,7 +2588,7 @@ synproxy_block : /* empty */ { $$ = $<obj>-1; } | synproxy_block comment_spec { if (already_set($<obj>1->comment, &@2, state)) { - xfree($2); + free_const($2); YYERROR; } $<obj>1->comment = $2; @@ -2609,12 +2609,12 @@ hook_spec : TYPE close_scope_type STRING HOOK STRING dev_spec prio_spec if (chain_type == NULL) { erec_queue(error(&@3, "unknown chain type"), state->msgs); - xfree($3); + free_const($3); YYERROR; } $<chain>0->type.loc = @3; $<chain>0->type.str = xstrdup(chain_type); - xfree($3); + free_const($3); $<chain>0->loc = @$; $<chain>0->hook.loc = @5; @@ -2622,10 +2622,10 @@ hook_spec : TYPE close_scope_type STRING HOOK STRING dev_spec prio_spec if ($<chain>0->hook.name == NULL) { erec_queue(error(&@5, "unknown chain hook"), state->msgs); - xfree($5); + free_const($5); YYERROR; } - xfree($5); + free_const($5); $<chain>0->dev_expr = $6; $<chain>0->priority = $7; @@ -2672,7 +2672,7 @@ extended_prio_spec : int_num BYTEORDER_HOST_ENDIAN, strlen($1) * BITS_PER_BYTE, $1); - xfree($1); + free_const($1); $$ = spec; } | extended_prio_name PLUS NUM @@ -2685,7 +2685,7 @@ extended_prio_spec : int_num BYTEORDER_HOST_ENDIAN, strlen(str) * BITS_PER_BYTE, str); - xfree($1); + free_const($1); $$ = spec; } | extended_prio_name DASH NUM @@ -2698,7 +2698,7 @@ extended_prio_spec : int_num BYTEORDER_HOST_ENDIAN, strlen(str) * BITS_PER_BYTE, str); - xfree($1); + free_const($1); $$ = spec; } ; @@ -2783,7 +2783,7 @@ time_spec : STRING uint64_t res; erec = time_parse(&@1, $1, &res); - xfree($1); + free_const($1); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -2984,7 +2984,7 @@ comment_spec : COMMENT string erec_queue(error(&@2, "comment too long, %d characters maximum allowed", NFTNL_UDATA_COMMENT_MAXLEN), state->msgs); - xfree($2); + free_const($2); YYERROR; } $$ = $2; @@ -3085,8 +3085,8 @@ stmt : verdict_stmt xt_stmt : XT STRING string { $$ = NULL; - xfree($2); - xfree($3); + free_const($2); + free_const($3); erec_queue(error(&@$, "unsupported xtables compat expression, use iptables-nft with this ruleset"), state->msgs); YYERROR; @@ -3244,7 +3244,7 @@ log_arg : PREFIX string expr = constant_expr_alloc(&@$, &string_type, BYTEORDER_HOST_ENDIAN, (strlen($2) + 1) * BITS_PER_BYTE, $2); - xfree($2); + free_const($2); $<stmt>0->log.prefix = expr; $<stmt>0->log.flags |= STMT_LOG_PREFIX; break; @@ -3318,7 +3318,7 @@ log_arg : PREFIX string state->msgs); } expr_free(expr); - xfree($2); + free_const($2); YYERROR; } item = variable_expr_alloc(&@$, scope, sym); @@ -3348,7 +3348,7 @@ log_arg : PREFIX string } } - xfree($2); + free_const($2); $<stmt>0->log.prefix = expr; $<stmt>0->log.flags |= STMT_LOG_PREFIX; } @@ -3401,10 +3401,10 @@ level_type : string else { erec_queue(error(&@1, "invalid log level"), state->msgs); - xfree($1); + free_const($1); YYERROR; } - xfree($1); + free_const($1); } ; @@ -3494,7 +3494,7 @@ quota_used : /* empty */ { $$ = 0; } uint64_t rate; erec = data_unit_parse(&@$, $3, &rate); - xfree($3); + free_const($3); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -3509,7 +3509,7 @@ quota_stmt : QUOTA quota_mode NUM quota_unit quota_used close_scope_quota uint64_t rate; erec = data_unit_parse(&@$, $4, &rate); - xfree($4); + free_const($4); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -3553,7 +3553,7 @@ limit_rate_bytes : NUM STRING uint64_t rate, unit; erec = rate_parse(&@$, $2, &rate, &unit); - xfree($2); + free_const($2); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -3575,7 +3575,7 @@ limit_bytes : NUM BYTES { $$ = $1; } uint64_t rate; erec = data_unit_parse(&@$, $2, &rate); - xfree($2); + free_const($2); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -3604,7 +3604,7 @@ reject_with_expr : STRING { $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, current_scope(state), $1); - xfree($1); + free_const($1); } | integer_expr { $$ = $1; } ; @@ -4268,12 +4268,12 @@ variable_expr : '$' identifier erec_queue(error(&@2, "unknown identifier '%s'", $2), state->msgs); } - xfree($2); + free_const($2); YYERROR; } $$ = variable_expr_alloc(&@$, scope, sym); - xfree($2); + free_const($2); } ; @@ -4283,7 +4283,7 @@ symbol_expr : variable_expr $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, current_scope(state), $1); - xfree($1); + free_const($1); } ; @@ -4296,7 +4296,7 @@ set_ref_symbol_expr : AT identifier close_scope_at $$ = symbol_expr_alloc(&@$, SYMBOL_SET, current_scope(state), $2); - xfree($2); + free_const($2); } ; @@ -4393,10 +4393,10 @@ osf_ttl : /* empty */ else { erec_queue(error(&@2, "invalid ttl option"), state->msgs); - xfree($2); + free_const($2); YYERROR; } - xfree($2); + free_const($2); } ; @@ -4566,7 +4566,7 @@ set_elem_option : TIMEOUT time_spec | comment_spec { if (already_set($<expr>0->comment, &@1, state)) { - xfree($1); + free_const($1); YYERROR; } $<expr>0->comment = $1; @@ -4648,7 +4648,7 @@ set_elem_stmt : COUNTER close_scope_counter uint64_t rate; erec = data_unit_parse(&@$, $4, &rate); - xfree($4); + free_const($4); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -4681,7 +4681,7 @@ set_elem_expr_option : TIMEOUT time_spec | comment_spec { if (already_set($<expr>0->comment, &@1, state)) { - xfree($1); + free_const($1); YYERROR; } $<expr>0->comment = $1; @@ -4733,7 +4733,7 @@ quota_config : quota_mode NUM quota_unit quota_used uint64_t rate; erec = data_unit_parse(&@$, $3, &rate); - xfree($3); + free_const($3); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -4762,10 +4762,10 @@ secmark_config : string ret = snprintf(secmark->ctx, sizeof(secmark->ctx), "%s", $1); if (ret <= 0 || ret >= (int)sizeof(secmark->ctx)) { erec_queue(error(&@1, "invalid context '%s', max length is %u\n", $1, (int)sizeof(secmark->ctx)), state->msgs); - xfree($1); + free_const($1); YYERROR; } - xfree($1); + free_const($1); } ; @@ -4802,7 +4802,7 @@ ct_helper_config : TYPE QUOTED_STRING PROTOCOL ct_l4protoname stmt_separator cl erec_queue(error(&@2, "invalid name '%s', max length is %u\n", $2, (int)sizeof(ct->name)), state->msgs); YYERROR; } - xfree($2); + free_const($2); ct->l4proto = $4; } @@ -5197,7 +5197,7 @@ chain_expr : variable_expr BYTEORDER_HOST_ENDIAN, strlen($1) * BITS_PER_BYTE, $1); - xfree($1); + free_const($1); } ; @@ -5215,7 +5215,7 @@ meta_expr : META meta_key close_scope_meta unsigned int key; erec = meta_key_parse(&@$, $2, &key); - xfree($2); + free_const($2); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -5292,7 +5292,7 @@ meta_stmt : META meta_key SET stmt_expr close_scope_meta unsigned int key; erec = meta_key_parse(&@$, $2, &key); - xfree($2); + free_const($2); if (erec != NULL) { erec_queue(erec, state->msgs); YYERROR; @@ -5603,10 +5603,10 @@ payload_base_spec : LL_HDR { $$ = PROTO_BASE_LL_HDR; } $$ = PROTO_BASE_INNER_HDR; } else { erec_queue(error(&@1, "unknown raw payload base"), state->msgs); - xfree($1); + free_const($1); YYERROR; } - xfree($1); + free_const($1); } ; @@ -104,11 +104,11 @@ int timeout_str2num(uint16_t l4proto, struct timeout_state *ts) void handle_free(struct handle *h) { - xfree(h->table.name); - xfree(h->chain.name); - xfree(h->set.name); - xfree(h->flowtable.name); - xfree(h->obj.name); + free_const(h->table.name); + free_const(h->chain.name); + free_const(h->set.name); + free_const(h->flowtable.name); + free_const(h->obj.name); } void handle_merge(struct handle *dst, const struct handle *src) @@ -194,7 +194,7 @@ void set_free(struct set *set) expr_free(set->init); if (set->comment) - xfree(set->comment); + free_const(set->comment); handle_free(&set->handle); list_for_each_entry_safe(stmt, next, &set->stmt_list, list) stmt_free(stmt); @@ -479,7 +479,7 @@ void rule_free(struct rule *rule) return; stmt_list_free(&rule->stmts); handle_free(&rule->handle); - xfree(rule->comment); + free_const(rule->comment); xfree(rule); } @@ -557,7 +557,7 @@ void scope_release(const struct scope *scope) list_for_each_entry_safe(sym, next, &scope->symbols, list) { assert(sym->refcnt == 1); list_del(&sym->list); - xfree(sym->identifier); + free_const(sym->identifier); expr_free(sym->expr); xfree(sym); } @@ -597,7 +597,7 @@ struct symbol *symbol_get(const struct scope *scope, const char *identifier) static void symbol_put(struct symbol *sym) { if (--sym->refcnt == 0) { - xfree(sym->identifier); + free_const(sym->identifier); expr_free(sym->expr); xfree(sym); } @@ -730,14 +730,14 @@ void chain_free(struct chain *chain) rule_free(rule); handle_free(&chain->handle); scope_release(&chain->scope); - xfree(chain->type.str); + free_const(chain->type.str); expr_free(chain->dev_expr); for (i = 0; i < chain->dev_array_len; i++) - xfree(chain->dev_array[i]); + free_const(chain->dev_array[i]); xfree(chain->dev_array); expr_free(chain->priority.expr); expr_free(chain->policy); - xfree(chain->comment); + free_const(chain->comment); xfree(chain); } @@ -1151,7 +1151,7 @@ void table_free(struct table *table) if (--table->refcnt > 0) return; if (table->comment) - xfree(table->comment); + free_const(table->comment); list_for_each_entry_safe(chain, next, &table->chains, list) chain_free(chain); list_for_each_entry_safe(chain, next, &table->chain_bindings, cache.list) @@ -1348,7 +1348,7 @@ struct monitor *monitor_alloc(uint32_t format, uint32_t type, const char *event) void monitor_free(struct monitor *m) { - xfree(m->event); + free_const(m->event); xfree(m); } @@ -1404,7 +1404,7 @@ void cmd_free(struct cmd *cmd) } } xfree(cmd->attr); - xfree(cmd->arg); + free_const(cmd->arg); xfree(cmd); } @@ -1642,14 +1642,14 @@ void obj_free(struct obj *obj) { if (--obj->refcnt > 0) return; - xfree(obj->comment); + free_const(obj->comment); handle_free(&obj->handle); if (obj->type == NFT_OBJECT_CT_TIMEOUT) { struct timeout_state *ts, *next; list_for_each_entry_safe(ts, next, &obj->ct_timeout.timeout_list, head) { list_del(&ts->head); - xfree(ts->timeout_str); + free_const(ts->timeout_str); xfree(ts); } } @@ -2062,7 +2062,7 @@ void flowtable_free(struct flowtable *flowtable) if (flowtable->dev_array != NULL) { for (i = 0; i < flowtable->dev_array_len; i++) - xfree(flowtable->dev_array[i]); + free_const(flowtable->dev_array[i]); xfree(flowtable->dev_array); } xfree(flowtable); diff --git a/src/scanner.l b/src/scanner.l index 88376b7a..93a31f27 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -1261,8 +1261,8 @@ void *scanner_init(struct parser_state *state) static void input_descriptor_destroy(const struct input_descriptor *indesc) { if (indesc->name) - xfree(indesc->name); - xfree(indesc); + free_const(indesc->name); + free_const(indesc); } static void input_descriptor_list_destroy(struct parser_state *state) diff --git a/src/statement.c b/src/statement.c index f5176e6d..994b522c 100644 --- a/src/statement.c +++ b/src/statement.c @@ -183,7 +183,7 @@ static void meter_stmt_destroy(struct stmt *stmt) expr_free(stmt->meter.key); expr_free(stmt->meter.set); stmt_free(stmt->meter.stmt); - xfree(stmt->meter.name); + free_const(stmt->meter.name); } static const struct stmt_ops meter_stmt_ops = { @@ -124,7 +124,7 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx) void xt_stmt_destroy(struct stmt *stmt) { - xfree(stmt->xt.name); + free_const(stmt->xt.name); xfree(stmt->xt.info); } |