iptables: free xtables_match if found in need_protomatch

Fix Coverity Scan ID 1529284 by freeing the xtables_match from xtables_find_match if found. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
author: Christian Marangi 2023-05-29 12:46:49 +0000
committer: Christian Marangi 2023-05-29 12:46:49 +0000
commit: ffba75c9cd8f96ef34b7b3ab35315ce66ba8f37d (patch)
tree: 8f31153e495eda3b55ae45faa6467cb5543366a0
parent: 4cd7d4f36bea731bf901cb067456f1d460294926 (diff)
download: firewall3-ffba75c9cd8f96ef34b7b3ab35315ce66ba8f37d.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/iptables.c b/iptables.c
index 49b3439..83308ec 100644
--- a/iptables.c
+++ b/iptables.c
@@ -709,12 +709,16 @@ init_match(struct fw3_ipt_rule *r, struct xtables_match *m, bool no_clone)
 static bool
 need_protomatch(struct fw3_ipt_rule *r, const char *pname)
 {
+	struct xtables_match *match;
+
 	if (!pname)
 		return false;
 
-	if (!xtables_find_match(pname, XTF_DONT_LOAD, NULL))
+	match = xtables_find_match(pname, XTF_DONT_LOAD, NULL);
+	if (!match)
 		return true;
 
+	free(match);
 	return !r->protocol_loaded;
 }
author	Christian Marangi	2023-05-29 12:46:49 +0000
committer	Christian Marangi	2023-05-29 12:46:49 +0000
commit	ffba75c9cd8f96ef34b7b3ab35315ce66ba8f37d (patch)
tree	8f31153e495eda3b55ae45faa6467cb5543366a0
parent	4cd7d4f36bea731bf901cb067456f1d460294926 (diff)
download	firewall3-ffba75c9cd8f96ef34b7b3ab35315ce66ba8f37d.tar.gz