From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH nft] rule: memleak of list of timeout policies
Date: Thu, 17 Jun 2021 17:49:15 +0200 [thread overview]
Message-ID: <20210617154915.3828-1-pablo@netfilter.org> (raw)
Release list of ct timeout policy when object is freed.
Direct leak of 160 byte(s) in 2 object(s) allocated from:
#0 0x7fc0273ad330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
#1 0x7fc0231377c4 in xmalloc /home/.../devel/nftables/src/utils.c:36
#2 0x7fc023137983 in xzalloc /home/.../devel/nftables/src/utils.c:75
#3 0x7fc0231f64d6 in nft_parse /home/.../devel/nftables/src/parser_bison.y:4448
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
After this update tests/py shows only memleaks in Python and there is still
one small string memleak in the parser that I didn't find yet.
src/netlink.c | 1 +
src/parser_bison.y | 1 +
src/rule.c | 8 ++++++++
3 files changed, 10 insertions(+)
diff --git a/src/netlink.c b/src/netlink.c
index f2c1a4a15dee..c5fd38044b41 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1484,6 +1484,7 @@ struct obj *netlink_delinearize_obj(struct netlink_ctx *ctx,
obj->ct_helper.l4proto = nftnl_obj_get_u8(nlo, NFTNL_OBJ_CT_HELPER_L4PROTO);
break;
case NFT_OBJECT_CT_TIMEOUT:
+ init_list_head(&obj->ct_timeout.timeout_list);
obj->ct_timeout.l3proto = nftnl_obj_get_u16(nlo, NFTNL_OBJ_CT_TIMEOUT_L3PROTO);
obj->ct_timeout.l4proto = nftnl_obj_get_u8(nlo, NFTNL_OBJ_CT_TIMEOUT_L4PROTO);
memcpy(obj->ct_timeout.timeout,
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 5e702a054f44..d0bbb6dedc82 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -1748,6 +1748,7 @@ table_block : /* empty */ { $$ = $<table>-1; }
{
$5->location = @4;
$5->type = NFT_OBJECT_CT_TIMEOUT;
+ init_list_head(&$5->ct_timeout.timeout_list);
handle_merge(&$5->handle, &$4);
handle_free(&$4);
list_add_tail(&$5->list, &$1->objs);
diff --git a/src/rule.c b/src/rule.c
index 92daf2f33b76..10569aa7875a 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1709,6 +1709,14 @@ void obj_free(struct obj *obj)
return;
xfree(obj->comment);
handle_free(&obj->handle);
+ if (obj->type == NFT_OBJECT_CT_TIMEOUT) {
+ struct timeout_state *ts, *next;
+
+ list_for_each_entry_safe(ts, next, &obj->ct_timeout.timeout_list, head) {
+ list_del(&ts->head);
+ xfree(ts);
+ }
+ }
xfree(obj);
}
--
2.20.1
reply other threads:[~2021-06-17 15:49 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210617154915.3828-1-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).