[Bug 1685] Calling the nftnl_set_free function may trigger the "double free" problem.
bugzilla-daemon at netfilter.org
Fri Jun 2 05:22:54 CEST 2023
https://bugzilla.netfilter.org/show_bug.cgi?id=1685
--- Comment #9 from Chen Zhen <vchanger123456 at 163.com> ---
(In reply to Pablo Neira Ayuso from comment #8)
> Phil already fixed it here:
>
> https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230531123256.4882-1-phil@nwl.cc/
Yes, this patch can fix the problem, but do I think we should add the if
(s->flags & (1 << NFTNL_SET_EXPR)) judgment to the nftnl_set_free function?
- list_for_each_entry_safe(expr, next, &s->expr_list, head)
+ if (s->flags & (1 << NFTNL_SET_EXPR)){
+ list_for_each_entry_safe(expr, next, &s->expr_list, head) {
+ list_del(&expr->head);
nftnl_expr_free(expr);
+ }
+ }
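Review bot: The flag guard on the first added line, "if (s->flags & (1 << NFTNL_SET_EXPR)){", ties the cleanup to the flag bit instead of to what is actually linked on s->expr_list, so any expression still on the list while that bit is clear would be skipped and never freed. The added list_del(&expr->head) ahead of nftnl_expr_free(expr) already unlinks each entry before it is released, and list_for_each_entry_safe over an empty list does nothing, so the loop can stay unconditional: keep the braces and the list_del, drop the outer if. If the guard is kept anyway, it needs a comment saying why the flag is trusted over the list contents, and a space before the opening brace (")) {") to match the loop line below it.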