37 lines
1.2 KiB
Diff
37 lines
1.2 KiB
Diff
|
From db7fc1862b8bd5e2eea83ed4089fcf35fc01c032 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Phil Sutter <phil@nwl.cc>
|
||
|
|
Date: Tue, 23 Jul 2024 21:31:34 +0200
|
||
|
|
Subject: nft: cmd: Init struct nft_cmd::head early
|
||
|
|
|
||
|
|
Calling nft_cmd_free() in error case segfaults otherwise if the to be
|
||
|
|
freed object is not part of a list yet.
|
||
|
|
|
||
|
|
Exposed by commit eab75ed36a4f2 ("nft: Avoid memleak in error path of
|
||
|
|
nft_cmd_new()"), but belongs to commit a7f1e208cdf9c (and may go well
|
||
|
|
along with it).
|
||
|
|
|
||
|
|
Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands")
|
||
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
||
|
|
|
||
|
|
Conflict:NA
|
||
|
|
Reference:https://git.netfilter.org/iptables/commit/?id=db7fc1862b8bd5e2eea83ed4089fcf35fc01c032
|
||
|
|
---
|
||
|
|
iptables/nft-cmd.c | 1 +
|
||
|
|
1 file changed, 1 insertion(+)
|
||
|
|
|
||
|
|
diff --git a/iptables/nft-cmd.c b/iptables/nft-cmd.c
|
||
|
|
index b38da9bd..58d5aa11 100644
|
||
|
|
--- a/iptables/nft-cmd.c
|
||
|
|
+++ b/iptables/nft-cmd.c
|
||
|
|
@@ -28,6 +28,7 @@ struct nft_cmd *nft_cmd_new(struct nft_handle *h, int command,
|
||
|
|
struct nft_cmd *cmd;
|
||
|
|
|
||
|
|
cmd = xtables_calloc(1, sizeof(struct nft_cmd));
|
||
|
|
+ INIT_LIST_HEAD(&cmd->head);
|
||
|
|
cmd->error.lineno = h->error.lineno;
|
||
|
|
cmd->command = command;
|
||
|
|
cmd->table = xtables_strdup(table);
|
||
|
|
--
|
||
|
|
cgit v1.2.3
|
||
|
|
|