<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - Calling the nftnl_set_free function may trigger the "double free" problem."
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1685#c2">Comment # 2</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - Calling the nftnl_set_free function may trigger the "double free" problem."
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1685">bug 1685</a>
from <span class="vcard"><a class="email" href="mailto:vchanger123456@163.com" title="Chen Zhen <vchanger123456@163.com>"> <span class="fn">Chen Zhen</span></a>
</span></b>
<pre>Sorry, there is a problem with the above code. Updated:
Reproduction code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>
#include <linux/netfilter/nf_tables.h>
#include <libnftnl/set.h>
#include <libnftnl/expr.h>
int main(int argc, char *argv[])
{
struct nftnl_set *a = NULL;
struct nftnl_expr *ex;
a = nftnl_set_alloc();
ex = nftnl_expr_alloc("meta");
if (a == NULL || ex == NULL)
printf("OOM\n");
nftnl_expr_set_u32(ex, NFTNL_EXPR_META_KEY, 0x1234568);
nftnl_expr_set_u32(ex, NFTNL_EXPR_META_DREG, 0x78123456);
nftnl_set_set_str(a, NFTNL_SET_TABLE, "test-table");
nftnl_set_set_str(a, NFTNL_SET_NAME, "test-name");
nftnl_set_set_u32(a, NFTNL_SET_FLAGS, 0x12345678);
nftnl_set_set_u32(a, NFTNL_SET_KEY_TYPE, 0x12345678);
nftnl_set_set_u32(a, NFTNL_SET_KEY_LEN, 0x12345678);
nftnl_set_set_u32(a, NFTNL_SET_DATA_TYPE, 0x12345678);
nftnl_set_set_u32(a, NFTNL_SET_DATA_LEN, 0x12345678);
nftnl_set_set_u32(a, NFTNL_SET_FAMILY, 0x12345678);
nftnl_set_set_str(a, NFTNL_SET_USERDATA, "testing user data");
nftnl_set_set(a, NFTNL_SET_EXPR, ex);
nftnl_set_unset(a, NFTNL_SET_EXPR);
nftnl_set_free(a);
printf("ok\n");
return 0;
}</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>