From 1f0520a5814226961f79983c0091d07dbd6417eb Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sun, 7 Jun 2020 17:51:42 +0200 Subject: netlink: release dummy rule object from netlink_parse_set_expr() netlink_parse_set_expr() creates a dummy rule object to reuse the existing netlink parser. Release the rule object to fix a memleak. Zap the statement list to avoid a use-after-free since the statement needs to remain in place after releasing the rule. ==21601==ERROR: LeakSanitizer: detected memory leaks Direct leak of 2016 byte(s) in 4 object(s) allocated from: #0 0x7f7824b26330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330) #1 0x7f78245fcebd in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36 #2 0x7f78245fd016 in xzalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:65 #3 0x7f782456f0b5 in rule_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/rule.c:623 Add a test to check for set counters. SUMMARY: AddressSanitizer: 2016 byte(s) leaked in 4 allocation(s). Signed-off-by: Pablo Neira Ayuso --- tests/shell/testcases/sets/0048set_counters_0 | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100755 tests/shell/testcases/sets/0048set_counters_0 (limited to 'tests/shell/testcases/sets/0048set_counters_0') diff --git a/tests/shell/testcases/sets/0048set_counters_0 b/tests/shell/testcases/sets/0048set_counters_0 new file mode 100755 index 00000000..e62d25df --- /dev/null +++ b/tests/shell/testcases/sets/0048set_counters_0 @@ -0,0 +1,18 @@ +#!/bin/bash + +set -e + +EXPECTED="table ip x { + set y { + typeof ip saddr + counter + elements = { 192.168.10.35, 192.168.10.101, 192.168.10.135 } + } + + chain z { + type filter hook output priority filter; policy accept; + ip daddr @y + } +}" + +$NFT -f - <<< "$EXPECTED" -- cgit v1.2.3
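Review bot: the new test ends at `$NFT -f - <<< "$EXPECTED"` and never reads the ruleset back, so EXPECTED is only ever used as input and nothing checks that the `counter` statement on set y survives a round trip. The commit message places the leak in netlink_parse_set_expr(), which is the netlink parsing side, so consider adding a listing step after the load, for example `GET="$($NFT list ruleset)"` followed by a comparison against `$EXPECTED` that exits non-zero on mismatch. That way the test would read the set back as well as load it, and would validate the listed output. Only the test file is visible in this view (it is limited to that path), so the rule release and the statement-list handling described in the message cannot be checked from these lines.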