From fffa3cc22b84d4fab237a6974041fe502c7b6034 Mon Sep 17 00:00:00 2001
From: Patrick McHardy <kaber@trash.net>
Date: Tue, 24 Mar 2015 11:51:45 +0000
Subject: netlink: fix use after free in netlink_get_table()

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 src/netlink.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'src/netlink.c')

diff --git a/src/netlink.c b/src/netlink.c
index 24dda67c..f957295e 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -953,19 +953,19 @@ int netlink_get_table(struct netlink_ctx *ctx, const struct handle *h,
 
 	nlt = alloc_nft_table(h);
 	err = mnl_nft_table_get(nf_sock, nlt, 0);
-	nft_table_free(nlt);
-
 	if (err < 0) {
 		netlink_io_error(ctx, loc,
 				 "Could not receive table from kernel: %s",
 				 strerror(errno));
-		return err;
+		goto out;
 	}
 
 	ntable = netlink_delinearize_table(ctx, nlt);
 	table->flags = ntable->flags;
 	xfree(ntable);
-	return 0;
+out:
+	nft_table_free(nlt);
+	return err;
 }
 
 int netlink_list_table(struct netlink_ctx *ctx, const struct handle *h,
-- 
cgit v1.2.3