Pablo Neira Ayuso <pa...@netfilter.org> wrote: > On Mon, Aug 05, 2019 at 11:49:17PM +0200, Florian Westphal wrote: > > Calling nft_ctx_new() a second time leaks memory, and calling > > nft_ctx_free a second time -- on a different context -- causes > > double-free. > > > > This patch won't work in case we assume libnftables should be > > thread-safe, in such case we either need a mutex or move all resources > > under nft_ctx scope. > > These two should avoid the memleak / double free I think: > > https://patchwork.ozlabs.org/patch/1143742/ > https://patchwork.ozlabs.org/patch/1143743/
Thanks, I will give them a try. > Not thread-safe yet, there is a bunch global variables still in place. I don't need thread-safety at the moment, I just found this double-free crash when creating another nft_ctx inside nftables (don't ask why, its fugly...)
