From c3c2777d4b62db4b49fd3dcf8293562defa95112 Mon Sep 17 00:00:00 2001
From: Phil Sutter <psutter@redhat.com>
Date: Tue, 29 Jan 2019 18:12:15 +0100
Subject: [PATCH] flowtable: Fix memleak in nftnl_flowtable_parse_devs()

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1661327
Upstream Status: libnftnl commit 8ef66870832d5

commit 8ef66870832d56881703a7798ecdff9e19917b15
Author: Phil Sutter <phil@nwl.cc>
Date:   Thu Dec 20 21:03:30 2018 +0100

    flowtable: Fix memleak in nftnl_flowtable_parse_devs()

    Allocated strings in dev_array were not freed. Fix this by freeing them
    on error path and assigning them to c->dev_array directly in regular
    path.

    Fixes: eb58f53372e74 ("src: add flowtable support")
    Signed-off-by: Phil Sutter <phil@nwl.cc>
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/flowtable.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/flowtable.c b/src/flowtable.c
index 61ff29b..1762bd1 100644
--- a/src/flowtable.c
+++ b/src/flowtable.c
@@ -364,7 +364,7 @@ static int nftnl_flowtable_parse_devs(struct nlattr *nest,
 
 	mnl_attr_for_each_nested(attr, nest) {
 		if (mnl_attr_get_type(attr) != NFTA_DEVICE_NAME)
-			return -1;
+			goto err;
 		dev_array[len++] = strdup(mnl_attr_get_str(attr));
 		if (len >= 8)
 			break;
@@ -375,14 +375,18 @@ static int nftnl_flowtable_parse_devs(struct nlattr *nest,
 
 	c->dev_array = calloc(len + 1, sizeof(char *));
 	if (!c->dev_array)
-		return -1;
+		goto err;
 
 	c->dev_array_len = len;
 
 	for (i = 0; i < len; i++)
-		c->dev_array[i] = strdup(dev_array[i]);
+		c->dev_array[i] = dev_array[i];
 
 	return 0;
+err:
+	while (len--)
+		xfree(dev_array[len]);
+	return -1;
 }
 
 static int nftnl_flowtable_parse_hook(struct nlattr *attr, struct nftnl_flowtable *c)
-- 
1.8.3.1