<html>
    <head>
      <base href="https://bugzilla.netfilter.org/" />
    </head>
    <body>
      <p>
        <div>
            <b><a class="bz_bug_link 
          bz_status_RESOLVED  bz_closed"
   title="RESOLVED FIXED - Calling the nftnl_set_free function may trigger the "double free" problem."
   href="https://bugzilla.netfilter.org/show_bug.cgi?id=1685#c9">Comment # 9</a>
              on <a class="bz_bug_link 
          bz_status_RESOLVED  bz_closed"
   title="RESOLVED FIXED - Calling the nftnl_set_free function may trigger the "double free" problem."
   href="https://bugzilla.netfilter.org/show_bug.cgi?id=1685">bug 1685</a>
              from <span class="vcard"><a class="email" href="mailto:vchanger123456@163.com" title="Chen Zhen <vchanger123456@163.com>"> <span class="fn">Chen Zhen</span></a>
</span></b>
        <pre>(In reply to Pablo Neira Ayuso from <a href="show_bug.cgi?id=1685#c8">comment #8</a>)
<span class="quote">> Phil already fix it here:
> 
> <a href="https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230531123256">https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230531123256</a>.
> <a href="mailto:4882-1-phil@nwl.cc">4882-1-phil@nwl.cc</a>/</span >

Yes, this patch can fix the problem, but do I think we should add the if
(s->flags & (1 << NFTNL_SET_EXPR)) judgment to the nftnl_set_free function?

-    list_for_each_entry_safe(expr, next, &s->expr_list, head)
+       if (s->flags & (1 << NFTNL_SET_EXPR)){
+        list_for_each_entry_safe(expr, next, &s->expr_list, head) {
+        list_del(&expr->head);
         nftnl_expr_free(expr);
+        }
+       }</pre>
        </div>
      </p>
      <hr>
      <span>You are receiving this mail because:</span>
      
      <ul>
          <li>You are watching all bug changes.</li>
      </ul>
    </body>
</html>