Blame SOURCES/0026-mnl-dump_nf_hooks-leaks-memory-in-error-path.patch

From 92f540141ca5aa1cc5070ea383c2eabf3206b86e Mon Sep 17 00:00:00 2001
From: Phil Sutter <psutter@redhat.com>
Date: Tue, 21 Feb 2023 19:50:41 +0100
Subject: [PATCH] mnl: dump_nf_hooks() leaks memory in error path
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2160049
Upstream Status: nftables commit ef66f321e49b3
commit ef66f321e49b337c7e678bb90d6acb94f331dfc4
Author: Phil Sutter <phil@nwl.cc>
Date:   Wed Jan 11 12:28:15 2023 +0100
    mnl: dump_nf_hooks() leaks memory in error path
    Have to free the basehook object before returning to caller.
    Fixes: 4694f7230195b ("src: add support for base hook dumping")
    Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
 src/mnl.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/mnl.c b/src/mnl.c
index 7dd77be..269d3f1 100644
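--- a/src/mnl.c
+++ b/src/mnl.c
@@ -2211,16 +2211,23 @@ static int dump_nf_hooks(const struct nlmsghdr *nlh, void *_data)
 		struct nlattr *nested[NFNLA_HOOK_INFO_MAX + 1] = {};
 		uint32_t type;
 
-		if (mnl_attr_parse_nested(tb[NFNLA_HOOK_CHAIN_INFO], dump_nf_chain_info_cb, nested) < 0)
+		if (mnl_attr_parse_nested(tb[NFNLA_HOOK_CHAIN_INFO],
+					  dump_nf_chain_info_cb, nested) < 0) {
+			basehook_free(hook);
 			return -1;
+		}
 
 		type = ntohl(mnl_attr_get_u32(nested[NFNLA_HOOK_INFO_TYPE]));
 		if (type == NFNL_HOOK_TYPE_NFTABLES) {
 			struct nlattr *info[NFNLA_CHAIN_MAX + 1] = {};
 			const char *tablename, *chainname;
 
-			if (mnl_attr_parse_nested(nested[NFNLA_HOOK_INFO_DESC], dump_nf_attr_chain_cb, info) < 0)
+			if (mnl_attr_parse_nested(nested[NFNLA_HOOK_INFO_DESC],
+						  dump_nf_attr_chain_cb,
+						  info) < 0) {
+				basehook_free(hook);
 				return -1;
+			}
 
 			tablename = mnl_attr_get_str(info[NFNLA_CHAIN_TABLE]);
 			chainname = mnl_attr_get_str(info[NFNLA_CHAIN_NAME]);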
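Review bot: After the first parse succeeds, `nested[NFNLA_HOOK_INFO_TYPE]` goes straight into `mnl_attr_get_u32()` with no presence check, and `nested[NFNLA_HOOK_INFO_DESC]`, `info[NFNLA_CHAIN_TABLE]` and `info[NFNLA_CHAIN_NAME]` are used the same way further down. Both arrays start zeroed, so an attribute absent from the message leaves a NULL entry; unless the parse callbacks reject incomplete messages (not visible here), that is a NULL dereference on a malformed netlink reply. A guard such as `if (!nested[NFNLA_HOOK_INFO_TYPE]) { basehook_free(hook); return -1; }`, and the equivalent for the other three entries, would close it. With more exit paths, a single `err:` label that calls `basehook_free(hook)` would keep the cleanup this patch adds in one place. dump_nf_hooks() starts and ends outside the hunk, so its other return paths could not be checked.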
-- 
2.39.2