* [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule
@ 2015-02-11 21:12 Alvaro Neira Ayuso
2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso
2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso
0 siblings, 2 replies; 5+ messages in thread
From: Alvaro Neira Ayuso @ 2015-02-11 21:12 UTC (permalink / raw)
To: netfilter-devel
Already, we release the tree that we receive from the parameter in
nft_jansson_parse_rule. With this patch, we're going to release the tree where
we create it. Therefore, we will have a code more traceable and readable.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
---
[changes in v2]
* Reworked the description
src/rule.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/rule.c b/src/rule.c
index 7f4d049..028dc2e 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -597,10 +597,8 @@ int nft_jansson_parse_rule(struct nft_rule *r, json_t *tree,
nft_rule_add_expr(r, e);
}
- nft_jansson_free_root(tree);
return 0;
err:
- nft_jansson_free_root(tree);
return -1;
}
#endif
@@ -613,12 +611,16 @@ static int nft_rule_json_parse(struct nft_rule *r, const void *json,
#ifdef JSON_PARSING
json_t *tree;
json_error_t error;
+ int ret;
tree = nft_jansson_create_root(json, &error, err, input);
if (tree == NULL)
return -1;
- return nft_jansson_parse_rule(r, tree, err, set_list);
+ ret = nft_jansson_parse_rule(r, tree, err, set_list);
+
+ nft_jansson_free_root(tree);
+ return ret;
#else
errno = EOPNOTSUPP;
return -1;
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists
2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso
@ 2015-02-11 21:12 ` Alvaro Neira Ayuso
2015-02-13 15:57 ` Pablo Neira Ayuso
2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso
1 sibling, 1 reply; 5+ messages in thread
From: Alvaro Neira Ayuso @ 2015-02-11 21:12 UTC (permalink / raw)
To: netfilter-devel
==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in
loss record 6 of 6
==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566)
==18632== by 0x5043822: nft_set_list_alloc (set.c:977)
==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442)
==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696)
==18632== by 0x408AEC: do_command (rule.c:1317)
==18632== by 0x406B05: nft_run (main.c:194)
==18632== by 0x40667C: main (main.c:360)
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
---
[changes in v2]
* Reworked the description. Removed overelaborate info.
* Fixed leaks in error path.
src/ruleset.c | 24 ++++++++++++++----------
1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/src/ruleset.c b/src/ruleset.c
index 15e84cf..f5b6d55 100644
--- a/src/ruleset.c
+++ b/src/ruleset.c
@@ -439,10 +439,6 @@ static int nft_ruleset_json_parse_ruleset(struct nft_parse_ctx *ctx,
json_t *node, *array = ctx->json;
int len, i, ret;
- ctx->set_list = nft_set_list_alloc();
- if (ctx->set_list == NULL)
- return -1;
-
len = json_array_size(array);
for (i = 0; i < len; i++) {
node = json_array_get(array, i);
@@ -525,12 +521,16 @@ static int nft_ruleset_json_parse(const void *json,
ctx.cb = cb;
ctx.format = type;
+ ctx.set_list = nft_set_list_alloc();
+ if (ctx.set_list == NULL)
+ return -1;
+
if (arg != NULL)
nft_ruleset_ctx_set(&ctx, NFT_RULESET_CTX_DATA, arg);
root = nft_jansson_create_root(json, &error, err, input);
if (root == NULL)
- return -1;
+ goto err;
array = json_object_get(root, "nftables");
if (array == NULL) {
@@ -554,9 +554,11 @@ static int nft_ruleset_json_parse(const void *json,
goto err;
}
+ nft_set_list_free(ctx.set_list);
nft_jansson_free_root(root);
return 0;
err:
+ nft_set_list_free(ctx.set_list);
nft_jansson_free_root(root);
return -1;
#else
@@ -573,10 +575,6 @@ static int nft_ruleset_xml_parse_ruleset(struct nft_parse_ctx *ctx,
mxml_node_t *node, *array = ctx->xml;
int len = 0, ret;
- ctx->set_list = nft_set_list_alloc();
- if (ctx->set_list == NULL)
- return -1;
-
for (node = mxmlFindElement(array, array, NULL, NULL, NULL,
MXML_DESCEND_FIRST);
node != NULL;
@@ -653,12 +651,16 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err,
ctx.cb = cb;
ctx.format = type;
+ ctx.set_list = nft_set_list_alloc();
+ if (ctx.set_list == NULL)
+ return -1;
+
if (arg != NULL)
nft_ruleset_ctx_set(&ctx, NFT_RULESET_CTX_DATA, arg);
tree = nft_mxml_build_tree(xml, "nftables", err, input);
if (tree == NULL)
- return -1;
+ goto err;
ctx.xml = tree;
@@ -670,9 +672,11 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err,
nodecmd = mxmlWalkNext(tree, tree, MXML_NO_DESCEND);
}
+ nft_set_list_free(ctx.set_list);
mxmlDelete(tree);
return 0;
err:
+ nft_set_list_free(ctx.set_list);
mxmlDelete(tree);
return -1;
#else
--
1.7.10.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule
2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso
2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso
@ 2015-02-13 15:56 ` Pablo Neira Ayuso
1 sibling, 0 replies; 5+ messages in thread
From: Pablo Neira Ayuso @ 2015-02-13 15:56 UTC (permalink / raw)
To: Alvaro Neira Ayuso; +Cc: netfilter-devel
On Wed, Feb 11, 2015 at 10:12:21PM +0100, Alvaro Neira Ayuso wrote:
> Already, we release the tree that we receive from the parameter in
> nft_jansson_parse_rule. With this patch, we're going to release the tree where
> we create it. Therefore, we will have a code more traceable and readable.
Applied.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists
2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso
@ 2015-02-13 15:57 ` Pablo Neira Ayuso
2015-02-13 16:04 ` Álvaro Neira Ayuso
0 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2015-02-13 15:57 UTC (permalink / raw)
To: Alvaro Neira Ayuso; +Cc: netfilter-devel
On Wed, Feb 11, 2015 at 10:12:22PM +0100, Alvaro Neira Ayuso wrote:
> ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in
> loss record 6 of 6
> ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566)
> ==18632== by 0x5043822: nft_set_list_alloc (set.c:977)
> ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442)
> ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696)
> ==18632== by 0x408AEC: do_command (rule.c:1317)
> ==18632== by 0x406B05: nft_run (main.c:194)
> ==18632== by 0x40667C: main (main.c:360)
Also applied. I found more leaks, just pushed a patch to fix them
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists
2015-02-13 15:57 ` Pablo Neira Ayuso
@ 2015-02-13 16:04 ` Álvaro Neira Ayuso
0 siblings, 0 replies; 5+ messages in thread
From: Álvaro Neira Ayuso @ 2015-02-13 16:04 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: netfilter-devel
El 13/02/15 a las 16:57, Pablo Neira Ayuso escribió:
> On Wed, Feb 11, 2015 at 10:12:22PM +0100, Alvaro Neira Ayuso wrote:
>> ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in
>> loss record 6 of 6
>> ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566)
>> ==18632== by 0x5043822: nft_set_list_alloc (set.c:977)
>> ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442)
>> ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696)
>> ==18632== by 0x408AEC: do_command (rule.c:1317)
>> ==18632== by 0x406B05: nft_run (main.c:194)
>> ==18632== by 0x40667C: main (main.c:360)
>
> Also applied. I found more leaks, just pushed a patch to fix them
>
I have already seen the changes. Sorry and thanks Pablo to fix them.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-02-13 16:03 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso
2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso
2015-02-13 15:57 ` Pablo Neira Ayuso
2015-02-13 16:04 ` Álvaro Neira Ayuso
2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.