Commit 780c97de authored by Jussi Laakkonen's avatar Jussi Laakkonen

[connman] Fix firewall memory leaks. JB#43924

Fix some of the memory leaks detected with test-firewall.c. Also fix
memory leaks with the test as well.
parent 9931c170
......@@ -269,7 +269,7 @@ static int insert_managed_rule(connman_iptables_manage_cb_t cb,
{
struct connman_managed_table *mtable = NULL;
GSList *list;
char *chain;
char *chain = NULL;
char *full_rule = NULL;
int id, err;
......@@ -307,7 +307,7 @@ static int insert_managed_rule(connman_iptables_manage_cb_t cb,
err = insert_managed_chain(type, table_name, id);
if (err < 0)
return err;
goto err;
}
mtable->chains[id]++;
......@@ -320,7 +320,8 @@ out:
else
err = __connman_iptables_append(type, table_name, chain,
full_rule ? full_rule : rule_spec);
err:
if (err < 0)
DBG("table %s cannot append rule %s", table_name,
full_rule ? full_rule : rule_spec);
......@@ -339,7 +340,7 @@ static int delete_managed_rule(int type, const char *table_name,
struct connman_managed_table *mtable = NULL;
GSList *list;
int id, err;
char *managed_chain;
char *managed_chain = NULL;
char *full_rule = NULL;
id = chain_to_index(chain_name);
......@@ -348,9 +349,10 @@ static int delete_managed_rule(int type, const char *table_name,
if (id < 0) {
/* This chain is not managed */
return __connman_iptables_delete(type, table_name,
err = __connman_iptables_delete(type, table_name,
chain_name,
full_rule ? full_rule : rule_spec);
goto out;
}
managed_chain = g_strdup_printf("%s%s", CHAIN_PREFIX, chain_name);
......@@ -387,7 +389,7 @@ static int delete_managed_rule(int type, const char *table_name,
err = delete_managed_chain(type, table_name, id);
out:
out:
g_free(managed_chain);
g_free(full_rule);
......@@ -1747,7 +1749,7 @@ static int enable_general_firewall_policies(int type, char **policies)
int err;
int i;
if (!policies || !g_strv_length(policies))
if (!policies)
return 0;
for (i = NF_IP_LOCAL_IN; i < NF_IP_NUMHOOKS - 1; i++) {
......
......@@ -2614,6 +2614,8 @@ static void firewall_test_basic0()
g_assert_cmpint(__connman_firewall_disable(ctx), ==, 0);
__connman_firewall_destroy(ctx);
__connman_firewall_pre_cleanup();
__connman_firewall_cleanup();
__connman_iptables_cleanup();
......@@ -2661,6 +2663,7 @@ static void firewall_test_basic1()
g_assert_cmpint(g_slist_length(rules_ipv6), ==, 6);
g_assert(__connman_firewall_disable(ctx) == 0);
__connman_firewall_destroy(ctx);
g_assert_cmpint(g_slist_length(rules_ipv4), ==, 0);
g_assert_cmpint(g_slist_length(rules_ipv6), ==, 0);
......@@ -2759,6 +2762,7 @@ static void firewall_test_basic2()
g_assert_cmpint(g_slist_length(rules_ipv6), ==, 0);
g_assert(__connman_firewall_disable(ctx) == 0);
__connman_firewall_destroy(ctx);
g_assert_cmpint(g_slist_length(rules_ipv4), ==, 0);
g_assert_cmpint(g_slist_length(rules_ipv6), ==, 0);
......@@ -3133,7 +3137,6 @@ static void firewall_test_dynamic_ok0()
g_assert_cmpint(g_slist_length(rules_ipv4), ==, RULES_GEN4 + RULES_ETH);
g_assert_cmpint(g_slist_length(rules_ipv6), ==, RULES_GEN6 + RULES_ETH);
ifname = connman_service_get_interface(&test_service);
check_rules(assert_rule_exists, 0, device_rules, ifname);
service_state_change(&test_service, CONNMAN_SERVICE_STATE_DISCONNECT);
......@@ -4230,7 +4233,6 @@ static void firewall_test_notifier_fail0()
g_assert_cmpint(g_slist_length(rules_ipv4), ==, RULES_GEN4);
g_assert_cmpint(g_slist_length(rules_ipv6), ==, RULES_GEN6);
ifname = connman_service_get_interface(&test_service);
check_rules(assert_rule_not_exists, 0, device_rules, ifname);
service_state_change(&test_service, CONNMAN_SERVICE_STATE_DISCONNECT);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment