* [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule @ 2015-02-11 21:12 Alvaro Neira Ayuso 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso 2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso 0 siblings, 2 replies; 5+ messages in thread From: Alvaro Neira Ayuso @ 2015-02-11 21:12 UTC (permalink / raw) To: netfilter-devel Already, we release the tree that we receive from the parameter in nft_jansson_parse_rule. With this patch, we're going to release the tree where we create it. Therefore, we will have a code more traceable and readable. Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> --- [changes in v2] * Reworked the description src/rule.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/rule.c b/src/rule.c index 7f4d049..028dc2e 100644 --- a/src/rule.c +++ b/src/rule.c @@ -597,10 +597,8 @@ int nft_jansson_parse_rule(struct nft_rule *r, json_t *tree, nft_rule_add_expr(r, e); } - nft_jansson_free_root(tree); return 0; err: - nft_jansson_free_root(tree); return -1; } #endif @@ -613,12 +611,16 @@ static int nft_rule_json_parse(struct nft_rule *r, const void *json, #ifdef JSON_PARSING json_t *tree; json_error_t error; + int ret; tree = nft_jansson_create_root(json, &error, err, input); if (tree == NULL) return -1; - return nft_jansson_parse_rule(r, tree, err, set_list); + ret = nft_jansson_parse_rule(r, tree, err, set_list); + + nft_jansson_free_root(tree); + return ret; #else errno = EOPNOTSUPP; return -1; -- 1.7.10.4 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists 2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso @ 2015-02-11 21:12 ` Alvaro Neira Ayuso 2015-02-13 15:57 ` Pablo Neira Ayuso 2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso 1 sibling, 1 reply; 5+ messages in thread From: Alvaro Neira Ayuso @ 2015-02-11 21:12 UTC (permalink / raw) To: netfilter-devel ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in loss record 6 of 6 ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566) ==18632== by 0x5043822: nft_set_list_alloc (set.c:977) ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442) ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696) ==18632== by 0x408AEC: do_command (rule.c:1317) ==18632== by 0x406B05: nft_run (main.c:194) ==18632== by 0x40667C: main (main.c:360) Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> --- [changes in v2] * Reworked the description. Removed overelaborate info. * Fixed leaks in error path. src/ruleset.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/ruleset.c b/src/ruleset.c index 15e84cf..f5b6d55 100644 --- a/src/ruleset.c +++ b/src/ruleset.c @@ -439,10 +439,6 @@ static int nft_ruleset_json_parse_ruleset(struct nft_parse_ctx *ctx, json_t *node, *array = ctx->json; int len, i, ret; - ctx->set_list = nft_set_list_alloc(); - if (ctx->set_list == NULL) - return -1; - len = json_array_size(array); for (i = 0; i < len; i++) { node = json_array_get(array, i); @@ -525,12 +521,16 @@ static int nft_ruleset_json_parse(const void *json, ctx.cb = cb; ctx.format = type; + ctx.set_list = nft_set_list_alloc(); + if (ctx.set_list == NULL) + return -1; + if (arg != NULL) nft_ruleset_ctx_set(&ctx, NFT_RULESET_CTX_DATA, arg); root = nft_jansson_create_root(json, &error, err, input); if (root == NULL) - return -1; + goto err; array = json_object_get(root, "nftables"); if (array == NULL) { @@ -554,9 +554,11 @@ static int nft_ruleset_json_parse(const void *json, goto err; } + nft_set_list_free(ctx.set_list); nft_jansson_free_root(root); return 0; err: + nft_set_list_free(ctx.set_list); nft_jansson_free_root(root); return -1; #else @@ -573,10 +575,6 @@ static int nft_ruleset_xml_parse_ruleset(struct nft_parse_ctx *ctx, mxml_node_t *node, *array = ctx->xml; int len = 0, ret; - ctx->set_list = nft_set_list_alloc(); - if (ctx->set_list == NULL) - return -1; - for (node = mxmlFindElement(array, array, NULL, NULL, NULL, MXML_DESCEND_FIRST); node != NULL; @@ -653,12 +651,16 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err, ctx.cb = cb; ctx.format = type; + ctx.set_list = nft_set_list_alloc(); + if (ctx.set_list == NULL) + return -1; + if (arg != NULL) nft_ruleset_ctx_set(&ctx, NFT_RULESET_CTX_DATA, arg); tree = nft_mxml_build_tree(xml, "nftables", err, input); if (tree == NULL) - return -1; + goto err; ctx.xml = tree; @@ -670,9 +672,11 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err, nodecmd = mxmlWalkNext(tree, tree, MXML_NO_DESCEND); } + nft_set_list_free(ctx.set_list); mxmlDelete(tree); return 0; err: + nft_set_list_free(ctx.set_list); mxmlDelete(tree); return -1; #else -- 1.7.10.4 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso @ 2015-02-13 15:57 ` Pablo Neira Ayuso 2015-02-13 16:04 ` Álvaro Neira Ayuso 0 siblings, 1 reply; 5+ messages in thread From: Pablo Neira Ayuso @ 2015-02-13 15:57 UTC (permalink / raw) To: Alvaro Neira Ayuso; +Cc: netfilter-devel On Wed, Feb 11, 2015 at 10:12:22PM +0100, Alvaro Neira Ayuso wrote: > ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in > loss record 6 of 6 > ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566) > ==18632== by 0x5043822: nft_set_list_alloc (set.c:977) > ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442) > ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696) > ==18632== by 0x408AEC: do_command (rule.c:1317) > ==18632== by 0x406B05: nft_run (main.c:194) > ==18632== by 0x40667C: main (main.c:360) Also applied. I found more leaks, just pushed a patch to fix them ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists 2015-02-13 15:57 ` Pablo Neira Ayuso @ 2015-02-13 16:04 ` Álvaro Neira Ayuso 0 siblings, 0 replies; 5+ messages in thread From: Álvaro Neira Ayuso @ 2015-02-13 16:04 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: netfilter-devel El 13/02/15 a las 16:57, Pablo Neira Ayuso escribió: > On Wed, Feb 11, 2015 at 10:12:22PM +0100, Alvaro Neira Ayuso wrote: >> ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in >> loss record 6 of 6 >> ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566) >> ==18632== by 0x5043822: nft_set_list_alloc (set.c:977) >> ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442) >> ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696) >> ==18632== by 0x408AEC: do_command (rule.c:1317) >> ==18632== by 0x406B05: nft_run (main.c:194) >> ==18632== by 0x40667C: main (main.c:360) > > Also applied. I found more leaks, just pushed a patch to fix them > I have already seen the changes. Sorry and thanks Pablo to fix them. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule 2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso @ 2015-02-13 15:56 ` Pablo Neira Ayuso 1 sibling, 0 replies; 5+ messages in thread From: Pablo Neira Ayuso @ 2015-02-13 15:56 UTC (permalink / raw) To: Alvaro Neira Ayuso; +Cc: netfilter-devel On Wed, Feb 11, 2015 at 10:12:21PM +0100, Alvaro Neira Ayuso wrote: > Already, we release the tree that we receive from the parameter in > nft_jansson_parse_rule. With this patch, we're going to release the tree where > we create it. Therefore, we will have a code more traceable and readable. Applied. ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-02-13 16:03 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso 2015-02-13 15:57 ` Pablo Neira Ayuso 2015-02-13 16:04 ` Álvaro Neira Ayuso 2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.