[nftables libnl] libnl: nft_log_expr: fix prefix leak

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Fri Mar 20 18:13:46 CET 2009 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnl-nft.git;a=commit;h=fbe4f656c758b711b5f24d62d33fb563000bac7e
commit fbe4f656c758b711b5f24d62d33fb563000bac7e
Author:     Patrick McHardy <kaber at trash.net>
AuthorDate: Fri Mar 20 17:59:53 2009 +0100
Commit:     Patrick McHardy <kaber at trash.net>
CommitDate: Fri Mar 20 17:59:53 2009 +0100

    libnl: nft_log_expr: fix prefix leak
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>
       via  fbe4f656c758b711b5f24d62d33fb563000bac7e (commit)
      from  d70b8153a31618fd49af97850dcc7bf329fbe0f5 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit fbe4f656c758b711b5f24d62d33fb563000bac7e
Author: Patrick McHardy <kaber at trash.net>
Date:   Fri Mar 20 17:59:53 2009 +0100

    libnl: nft_log_expr: fix prefix leak
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>

-----------------------------------------------------------------------

 lib/netfilter/nft_log_expr.c |   13 ++++++++++---
 1 files changed, 10 insertions(+), 3 deletions(-)
Signed-off-by: Patrick McHardy <kaber at trash.net>

diff --git a/lib/netfilter/nft_log_expr.c b/lib/netfilter/nft_log_expr.c
index efb3406..533d8b8 100644
--- a/lib/netfilter/nft_log_expr.c
+++ b/lib/netfilter/nft_log_expr.c
@@ -22,7 +22,7 @@
 #include <netlink/netfilter/nft-expr-modules.h>
 
 struct nft_log_expr {
-	const char	*prefix;
+	char		*prefix;
 	unsigned int	group;
 	unsigned int	snaplen;
 	unsigned int	qthreshold;
@@ -57,6 +57,13 @@ static struct nft_log_expr *nft_log_expr_alloc(struct nfnl_nft_expr *expr)
 	return nft_log(expr);
 }
 
+static void nft_log_free_data(struct nfnl_nft_expr *expr)
+{
+	struct nft_log_expr *log = nft_log(expr);
+
+	free(log->prefix);
+}
+
 static int nft_log_msg_parser(struct nfnl_nft_expr *expr, struct nlattr *tb[])
 {
 	struct nft_log_expr *log;
@@ -129,7 +136,7 @@ int nfnl_nft_log_init(struct nfnl_nft_expr *expr)
 
 void nfnl_nft_log_set_prefix(struct nfnl_nft_expr *expr, const char *prefix)
 {
-	nft_log(expr)->prefix = prefix;
+	nft_log(expr)->prefix = strdup(prefix);
 }
 
 const char *nfnl_nft_log_get_prefix(const struct nfnl_nft_expr *expr)
@@ -172,7 +179,7 @@ static struct nft_expr_ops log_expr_ops = {
 	.eo_dump[NL_DUMP_DETAILS]	= nft_log_dump,
 	.eo_get_opts		= nft_log_get_opts,
 	.eo_msg_parser		= nft_log_msg_parser,
-	.eo_free_data		= NULL, //nft_log_free_data,
+	.eo_free_data		= nft_log_free_data,
 	.eo_clone		= NULL,
 	.eo_policy		= nft_log_policy,
 	.eo_maxattr		= NFTA_LOG_MAX,

More information about the netfilter-cvslog mailing list