netfilter: nf_tables: free set name in error path

set->name must be free'd here in case ops->init fails. Fixes: 387454901bd6 ("netfilter: nf_tables: Allow set names of up to 255 chars") Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2018-04-10 03:00:24 -0400
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2018-04-16 11:47:27 -0400
commit: 2f6adf481527c8ab8033c601f55bfb5b3712b2ac (patch)
tree: 3012b4c102938470894324aa5c9c76e02f30dece
parent: 569ccae68b38654f04b6842b034aa33857f605fe (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index b1984f8f7253..102ad873acb4 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3212,18 +3212,20 @@ static int nf_tables_newset(struct net *net, struct sock *nlsk,
        err = ops->init(set, &desc, nla);
        if (err < 0)
-                goto err2;
+                goto err3;
        err = nft_trans_set_add(&ctx, NFT_MSG_NEWSET, set);
        if (err < 0)
-                goto err3;
+                goto err4;
        list_add_tail_rcu(&set->list, &table->sets);
        table->use++;
        return 0;
-err3:
+err4:
        ops->destroy(set);
+err3:
+        kfree(set->name);
 err2:
        kvfree(set);
 err1:
author	Florian Westphal <fw@strlen.de>	2018-04-10 03:00:24 -0400
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-04-16 11:47:27 -0400
commit	2f6adf481527c8ab8033c601f55bfb5b3712b2ac (patch)
tree	3012b4c102938470894324aa5c9c76e02f30dece
parent	569ccae68b38654f04b6842b034aa33857f605fe (diff)