From 3578231d0a44c4a7617c046d3ef8b3cb1299c05e Mon Sep 17 00:00:00 2001

From: Phil Sutter <phil@nwl.cc>

Date: Fri, 12 Oct 2018 12:54:09 +0200

Subject: [PATCH] Fix memleak in netlink_parse_fwd() error path

Make sure allocated 'stmt' is freed before returning to caller.

Fixes: 30d45266bf38b ("expr: extend fwd statement to support address and family")

Signed-off-by: Phil Sutter <phil@nwl.cc>

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

(cherry picked from commit 30541cb66e2de38eea04ab28cb14f298cce9d99f)

Signed-off-by: Phil Sutter <psutter@redhat.com>

---

 src/netlink_delinearize.c | 13 ++++++++-----

 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c

index 31d62420d41c8..ae84512c56f3a 100644

--- a/src/netlink_delinearize.c

+++ b/src/netlink_delinearize.c

@@ -1152,9 +1152,11 @@ static void netlink_parse_fwd(struct netlink_parse_ctx *ctx,

 		reg2 = netlink_parse_register(nle, NFTNL_EXPR_FWD_SREG_ADDR);

 		if (reg2) {

 			addr = netlink_get_register(ctx, loc, reg2);

-			if (addr == NULL)

-				return netlink_error(ctx, loc,

-						     "fwd statement has no output expression");

+			if (addr == NULL) {

+				netlink_error(ctx, loc,

+					      "fwd statement has no output expression");

+				goto out_err;

+			}

 			switch (stmt->fwd.family) {

 			case AF_INET:

@@ -1166,8 +1168,9 @@ static void netlink_parse_fwd(struct netlink_parse_ctx *ctx,

 					      BYTEORDER_BIG_ENDIAN);

 				break;

 			default:

-				return netlink_error(ctx, loc,

-						     "fwd statement has no family");

+				netlink_error(ctx, loc,

+					      "fwd statement has no family");

+				goto out_err;

 			}

 			stmt->fwd.addr = addr;

 		}

-- 

2.21.0