shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Code

core/bpf-firewall: use the correct cleanup function

Browse Source 
On error, we'd just free the object, and not close the fd.

While at it, let's use set_ensure_consume() to make sure we don't leak
the object if it was already in the set. I'm not sure if that condition
can be achieved.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2020-06-05 14:16:04 +02:00
parent 648c339c49
commit d02fd8b1c6
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/core/bpf-firewall.c
View File

@ -595,7 +595,7 @@ static int load_bpf_progs_from_fs_to_set(Unit *u, char **filter_paths, Set **set
set_clear(*set); set_clear(*set);
STRV_FOREACH(bpf_fs_path, filter_paths) { STRV_FOREACH(bpf_fs_path, filter_paths) {
_cleanup_free_ BPFProgram *prog = NULL; _cleanup_(bpf_program_unrefp) BPFProgram *prog = NULL;
int r; int r;
r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &prog); r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &prog);
@ -606,10 +606,9 @@ static int load_bpf_progs_from_fs_to_set(Unit *u, char **filter_paths, Set **set
if (r < 0) if (r < 0)
return log_unit_error_errno(u, r, "Loading of ingress BPF program %s failed: %m", *bpf_fs_path); return log_unit_error_errno(u, r, "Loading of ingress BPF program %s failed: %m", *bpf_fs_path);
r = set_ensure_put(set, &filter_prog_hash_ops, prog); r = set_ensure_consume(set, &filter_prog_hash_ops, TAKE_PTR(prog));
if (r < 0) if (r < 0)
return log_unit_error_errno(u, r, "Can't add program to BPF program set: %m"); return log_unit_error_errno(u, r, "Can't add program to BPF program set: %m");
TAKE_PTR(prog);
} }
return 0; return 0;