iptables: fix regression with unintended free in need_protomatch

xtables_find_match memory allocation is funny. It can return something allocated in a linked list or return a just allocated match clone and is never freed. This caused confusion and made a broken patch where an unintended free is done in the case of entry not cloned. xtables_find_match have a way to comunicate that the entry is cloned by returning a looping linked list where the next entry is the same entry. We can use this to understand where the entry has to be freed. Fixes: ffba75c9cd8f ("iptables: free xtables_match if found in need_protomatch") Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
author: Christian Marangi 2023-06-10 16:56:11 +0000
committer: Christian Marangi 2023-06-10 19:08:23 +0000
commit: bf1d5fdf623473419f8f738fc9071fee84cb13e5 (patch)
tree: ec578500355d3363c47f8de6f2b102dc5f6ea759
parent: ffba75c9cd8f96ef34b7b3ab35315ce66ba8f37d (diff)
download: firewall3-bf1d5fdf623473419f8f738fc9071fee84cb13e5.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables.c b/iptables.c
index 83308ec..d03d1dd 100644
--- a/iptables.c
+++ b/iptables.c
@@ -718,7 +718,9 @@ need_protomatch(struct fw3_ipt_rule *r, const char *pname)
 	if (!match)
 		return true;
 
-	free(match);
+	/* Free any kind of clone from xtables_find_match */
+	if (match == match->next)
+		free(match);
 	return !r->protocol_loaded;
 }
author	Christian Marangi	2023-06-10 16:56:11 +0000
committer	Christian Marangi	2023-06-10 19:08:23 +0000
commit	bf1d5fdf623473419f8f738fc9071fee84cb13e5 (patch)
tree	ec578500355d3363c47f8de6f2b102dc5f6ea759
parent	ffba75c9cd8f96ef34b7b3ab35315ce66ba8f37d (diff)
download	firewall3-bf1d5fdf623473419f8f738fc9071fee84cb13e5.tar.gz