* [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule @ 2015-02-11 21:12 Alvaro Neira Ayuso 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso 2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso 0 siblings, 2 replies; 5+ messages in thread From: Alvaro Neira Ayuso @ 2015-02-11 21:12 UTC (permalink / raw) To: netfilter-devel Already, we release the tree that we receive from the parameter in nft_jansson_parse_rule. With this patch, we're going to release the tree where we create it. Therefore, we will have a code more traceable and readable. Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> --- [changes in v2] * Reworked the description src/rule.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/rule.c b/src/rule.c index 7f4d049..028dc2e 100644 --- a/src/rule.c +++ b/src/rule.c @@ -597,10 +597,8 @@ int nft_jansson_parse_rule(struct nft_rule *r, json_t *tree, nft_rule_add_expr(r, e); } - nft_jansson_free_root(tree); return 0; err: - nft_jansson_free_root(tree); return -1; } #endif @@ -613,12 +611,16 @@ static int nft_rule_json_parse(struct nft_rule *r, const void *json, #ifdef JSON_PARSING json_t *tree; json_error_t error; + int ret; tree = nft_jansson_create_root(json, &error, err, input); if (tree == NULL) return -1; - return nft_jansson_parse_rule(r, tree, err, set_list); + ret = nft_jansson_parse_rule(r, tree, err, set_list); + + nft_jansson_free_root(tree); + return ret; #else errno = EOPNOTSUPP; return -1; -- 1.7.10.4 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists 2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso @ 2015-02-11 21:12 ` Alvaro Neira Ayuso 2015-02-13 15:57 ` Pablo Neira Ayuso 2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso 1 sibling, 1 reply; 5+ messages in thread From: Alvaro Neira Ayuso @ 2015-02-11 21:12 UTC (permalink / raw) To: netfilter-devel ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in loss record 6 of 6 ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566) ==18632== by 0x5043822: nft_set_list_alloc (set.c:977) ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442) ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696) ==18632== by 0x408AEC: do_command (rule.c:1317) ==18632== by 0x406B05: nft_run (main.c:194) ==18632== by 0x40667C: main (main.c:360) Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> --- [changes in v2] * Reworked the description. Removed overelaborate info. * Fixed leaks in error path. src/ruleset.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/ruleset.c b/src/ruleset.c index 15e84cf..f5b6d55 100644 --- a/src/ruleset.c +++ b/src/ruleset.c @@ -439,10 +439,6 @@ static int nft_ruleset_json_parse_ruleset(struct nft_parse_ctx *ctx, json_t *node, *array = ctx->json; int len, i, ret; - ctx->set_list = nft_set_list_alloc(); - if (ctx->set_list == NULL) - return -1; - len = json_array_size(array); for (i = 0; i < len; i++) { node = json_array_get(array, i); @@ -525,12 +521,16 @@ static int nft_ruleset_json_parse(const void *json, ctx.cb = cb; ctx.format = type; + ctx.set_list = nft_set_list_alloc(); + if (ctx.set_list == NULL) + return -1; + if (arg != NULL) nft_ruleset_ctx_set(&ctx, NFT_RULESET_CTX_DATA, arg); root = nft_jansson_create_root(json, &error, err, input); if (root == NULL) - return -1; + goto err; array = json_object_get(root, "nftables"); if (array == NULL) { @@ -554,9 +554,11 @@ static int nft_ruleset_json_parse(const void *json, goto err; } + nft_set_list_free(ctx.set_list); nft_jansson_free_root(root); return 0; err: + nft_set_list_free(ctx.set_list); nft_jansson_free_root(root); return -1; #else @@ -573,10 +575,6 @@ static int nft_ruleset_xml_parse_ruleset(struct nft_parse_ctx *ctx, mxml_node_t *node, *array = ctx->xml; int len = 0, ret; - ctx->set_list = nft_set_list_alloc(); - if (ctx->set_list == NULL) - return -1; - for (node = mxmlFindElement(array, array, NULL, NULL, NULL, MXML_DESCEND_FIRST); node != NULL; @@ -653,12 +651,16 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err, ctx.cb = cb; ctx.format = type; + ctx.set_list = nft_set_list_alloc(); + if (ctx.set_list == NULL) + return -1; + if (arg != NULL) nft_ruleset_ctx_set(&ctx, NFT_RULESET_CTX_DATA, arg); tree = nft_mxml_build_tree(xml, "nftables", err, input); if (tree == NULL) - return -1; + goto err; ctx.xml = tree; @@ -670,9 +672,11 @@ static int nft_ruleset_xml_parse(const void *xml, struct nft_parse_err *err, nodecmd = mxmlWalkNext(tree, tree, MXML_NO_DESCEND); } + nft_set_list_free(ctx.set_list); mxmlDelete(tree); return 0; err: + nft_set_list_free(ctx.set_list); mxmlDelete(tree); return -1; #else -- 1.7.10.4 ^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso @ 2015-02-13 15:57 ` Pablo Neira Ayuso 2015-02-13 16:04 ` Álvaro Neira Ayuso 0 siblings, 1 reply; 5+ messages in thread From: Pablo Neira Ayuso @ 2015-02-13 15:57 UTC (permalink / raw) To: Alvaro Neira Ayuso; +Cc: netfilter-devel On Wed, Feb 11, 2015 at 10:12:22PM +0100, Alvaro Neira Ayuso wrote: > ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in > loss record 6 of 6 > ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566) > ==18632== by 0x5043822: nft_set_list_alloc (set.c:977) > ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442) > ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696) > ==18632== by 0x408AEC: do_command (rule.c:1317) > ==18632== by 0x406B05: nft_run (main.c:194) > ==18632== by 0x40667C: main (main.c:360) Also applied. I found more leaks, just pushed a patch to fix them ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists 2015-02-13 15:57 ` Pablo Neira Ayuso @ 2015-02-13 16:04 ` Álvaro Neira Ayuso 0 siblings, 0 replies; 5+ messages in thread From: Álvaro Neira Ayuso @ 2015-02-13 16:04 UTC (permalink / raw) To: Pablo Neira Ayuso; +Cc: netfilter-devel El 13/02/15 a las 16:57, Pablo Neira Ayuso escribió: > On Wed, Feb 11, 2015 at 10:12:22PM +0100, Alvaro Neira Ayuso wrote: >> ==18632== 285 (16 direct, 269 indirect) bytes in 1 blocks are definitely lost in >> loss record 6 of 6 >> ==18632== at 0x4C272B8: calloc (vg_replace_malloc.c:566) >> ==18632== by 0x5043822: nft_set_list_alloc (set.c:977) >> ==18632== by 0x5045483: nft_ruleset_json_parse (ruleset.c:442) >> ==18632== by 0x50458BE: nft_ruleset_do_parse (ruleset.c:696) >> ==18632== by 0x408AEC: do_command (rule.c:1317) >> ==18632== by 0x406B05: nft_run (main.c:194) >> ==18632== by 0x40667C: main (main.c:360) > > Also applied. I found more leaks, just pushed a patch to fix them > I have already seen the changes. Sorry and thanks Pablo to fix them. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule 2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso @ 2015-02-13 15:56 ` Pablo Neira Ayuso 1 sibling, 0 replies; 5+ messages in thread From: Pablo Neira Ayuso @ 2015-02-13 15:56 UTC (permalink / raw) To: Alvaro Neira Ayuso; +Cc: netfilter-devel On Wed, Feb 11, 2015 at 10:12:21PM +0100, Alvaro Neira Ayuso wrote: > Already, we release the tree that we receive from the parameter in > nft_jansson_parse_rule. With this patch, we're going to release the tree where > we create it. Therefore, we will have a code more traceable and readable. Applied. ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-02-13 16:03 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2015-02-11 21:12 [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Alvaro Neira Ayuso 2015-02-11 21:12 ` [libnftnl PATCH v2] ruleset: fix a leak when we use the set lists Alvaro Neira Ayuso 2015-02-13 15:57 ` Pablo Neira Ayuso 2015-02-13 16:04 ` Álvaro Neira Ayuso 2015-02-13 15:56 ` [libnftnl PATCH v2] rule: don't release the tree parameter in the function nft_jansson_parse_rule Pablo Neira Ayuso
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).