[PATCH nft] evaluate: memleak in binary operation transfer to RHS

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH nft] evaluate: memleak in binary operation transfer to RHS
@ 2021-06-16 23:41 Pablo Neira Ayuso
  0 siblings, 0 replies; only message in thread
From: Pablo Neira Ayuso @ 2021-06-16 23:41 UTC (permalink / raw)
  To: netfilter-devel

Remove reference counter on expression that results in the memleak of
the RHS constant expression.

Direct leak of 136 byte(s) in 1 object(s) allocated from:
    #0 0x7f4cd54af330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
    #1 0x7f4cd4d9e489 in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36
    #2 0x7f4cd4d9e648 in xzalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:75
    #3 0x7f4cd4caf8c6 in expr_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/expression.c:45
    #4 0x7f4cd4cb36e9 in constant_expr_alloc /home/pablo/devel/scm/git-netfilter/nftables/src/expression.c:419
    #5 0x7f4cd4ca714c in integer_type_parse /home/pablo/devel/scm/git-netfilter/nftables/src/datatype.c:397
    #6 0x7f4cd4ca4bee in symbolic_constant_parse /home/pablo/devel/scm/git-netfilter/nftables/src/datatype.c:165
    #7 0x7f4cd4ca4572 in symbol_parse /home/pablo/devel/scm/git-netfilter/nftables/src/datatype.c:135
    #8 0x7f4cd4cc333f in expr_evaluate_symbol /home/pablo/devel/scm/git-netfilter/nftables/src/evaluate.c:251
[...]
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f4cd54af330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
    #1 0x7f4cd4d9e489 in xmalloc /home/pablo/devel/scm/git-netfilter/nftables/src/utils.c:36
    #2 0x7f4cd46185c5 in __gmpz_init2 (/usr/lib/x86_64-linux-gnu/libgmp.so.10+0x1c5c5)

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/evaluate.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/evaluate.c b/src/evaluate.c
index 77fb24594735..35ef8a376170 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1770,8 +1770,6 @@ static int binop_transfer_one(struct eval_ctx *ctx,
 		return 0;
 	}
 
-	expr_get(*right);
-
 	switch (left->op) {
 	case OP_LSHIFT:
 		(*right) = binop_expr_alloc(&(*right)->location, OP_RSHIFT,
-- 
2.20.1


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2021-06-16 23:41 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-06-16 23:41 [PATCH nft] evaluate: memleak in binary operation transfer to RHS Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).