netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [nft PATCH 4/5] json: Fix memleaks in echo support
Date: Wed, 27 Feb 2019 12:15:26 +0100	[thread overview]
Message-ID: <20190227111525.GF2478@orbyte.nwl.cc> (raw)
In-Reply-To: <20190227102920.waqyt4kp7e7bc7wo@salvia>

Hi Pablo,

On Wed, Feb 27, 2019 at 11:29:20AM +0100, Pablo Neira Ayuso wrote:
> On Tue, Feb 26, 2019 at 10:13:41PM +0100, Phil Sutter wrote:
> > When extracting netlink message data for populating JSON objects with
> > handles, allocated nftnl objects were not freed. Though since freeing
> > these objects also frees retrieved string attributes, copy them using
> > strdupa() which takes care of memory deallocation upon function return.
> > This is ideal since these strings are used only to find the right JSON
> > object to insert the handle into.
> > 
> > Fixes: bb32d8db9a125 ("JSON: Add support for echo option")
> > Signed-off-by: Phil Sutter <phil@nwl.cc>
> > ---
> >  src/parser_json.c | 28 ++++++++++++++++++----------
> >  1 file changed, 18 insertions(+), 10 deletions(-)
> > 
> > diff --git a/src/parser_json.c b/src/parser_json.c
> > index 6755d39c34f0a..c92113ba516c2 100644
> > --- a/src/parser_json.c
> > +++ b/src/parser_json.c
> > @@ -1,3 +1,4 @@
> > +#define _GNU_SOURCE
> >  #include <errno.h>
> >  #include <stdint.h> /* needed by gmputil.h */
> >  #include <string.h>
> > @@ -3485,8 +3486,9 @@ static int json_update_table(struct netlink_mon_handler *monh,
> >  
> >  	nlt = netlink_table_alloc(nlh);
> >  	family = family2str(nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY));
> > -	name = nftnl_table_get_str(nlt, NFTNL_TABLE_NAME);
> > +	name = strdupa(nftnl_table_get_str(nlt, NFTNL_TABLE_NAME));
> 
> Hm, I still don't see why we need this strdupa() call...
> 
> >  	handle = nftnl_table_get_u64(nlt, NFTNL_TABLE_HANDLE);
> > +	nftnl_table_free(nlt);
> 
> The table name attribute is owned by the nlt object.
> 
> This is used by obj_info_matches() which doesn't take this?

Strictly it is not necessary, but the call to nftnl_table_free() would
have to be delayed till after the search. Since the function either
returns from the loop or after it, I would either duplicate the free
call or have to introduce some return value handling.

The original problem is that I first extract the table name using
nftnl_table_get_str(), then two lines later free the nftnl_table object
(which makes the extracted const char *name point at freed memory).

The semantics I follow in all those update functions is:

1) parse netlink message into nftnl object
2) extract required info from nftnl object
3) free nftnl object again (since it's not used anymore afterwards)
4) lookup JSON object with data from (2) and insert handle (also from
(2)).

Using strdupa() allows for this without the need for a final cleanup
step.

Cheers, Phil



  reply	other threads:[~2019-02-27 11:15 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-02-26 21:13 [nft PATCH 0/5] Some fixes for JSON support Phil Sutter
2019-02-26 21:13 ` [nft PATCH 1/5] libnftables: Print errors before freeing commands Phil Sutter
2019-02-26 21:13 ` [nft PATCH 2/5] parser_json: Duplicate chain name when parsing jump verdict Phil Sutter
2019-02-26 21:13 ` [nft PATCH 3/5] parser_json: Use xstrdup() when parsing rule comment Phil Sutter
2019-02-26 21:13 ` [nft PATCH 4/5] json: Fix memleaks in echo support Phil Sutter
2019-02-27 10:29   ` Pablo Neira Ayuso
2019-02-27 11:15     ` Phil Sutter [this message]
2019-02-27 22:29       ` Pablo Neira Ayuso
2019-02-28 10:30         ` Phil Sutter
2019-02-28 11:23           ` Pablo Neira Ayuso
2019-02-26 21:13 ` [nft PATCH 5/5] parser_json: Respect base chain priority Phil Sutter
2019-02-27 10:26 ` [nft PATCH 0/5] Some fixes for JSON support Pablo Neira Ayuso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190227111525.GF2478@orbyte.nwl.cc \
    --to=phil@nwl.cc \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pablo@netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).