[netfilter-cvslog] r6465 - trunk/iptables
laforge at netfilter.org
laforge at netfilter.org
Sat Feb 11 10:34:16 CET 2006
Author: laforge at netfilter.org
Date: 2006-02-11 10:34:16 +0100 (Sat, 11 Feb 2006)
New Revision: 6465
Modified:
trunk/iptables/ip6tables.c
trunk/iptables/iptables.c
Log:
fix double-free if a single match is used multiple times within a signle rule
(Closes: #440). However, while this fixes the double-free, it still doesn't make iptables
support two of the same matches within one rule. Apparently the last matchinfo is copied into all the previous
matchinfo instances.
Modified: trunk/iptables/ip6tables.c
===================================================================
--- trunk/iptables/ip6tables.c 2006-02-09 16:57:31 UTC (rev 6464)
+++ trunk/iptables/ip6tables.c 2006-02-11 09:34:16 UTC (rev 6465)
@@ -1691,8 +1691,10 @@
for (matchp = *matches; matchp;) {
tmp = matchp->next;
- if (matchp->match->m)
+ if (matchp->match->m) {
free(matchp->match->m);
+ matchp->match->m = NULL;
+ }
free(matchp);
matchp = tmp;
}
Modified: trunk/iptables/iptables.c
===================================================================
--- trunk/iptables/iptables.c 2006-02-09 16:57:31 UTC (rev 6464)
+++ trunk/iptables/iptables.c 2006-02-11 09:34:16 UTC (rev 6465)
@@ -1800,8 +1800,10 @@
for (matchp = *matches; matchp;) {
tmp = matchp->next;
- if (matchp->match->m)
+ if (matchp->match->m) {
free(matchp->match->m);
+ matchp->match->m = NULL;
+ }
free(matchp);
matchp = tmp;
}
More information about the netfilter-cvslog
mailing list