From 4f30adc930c73036c6d1a146cdb21933af38e0d4 Mon Sep 17 00:00:00 2001
From: Daniel Wagner <daniel.wagner@bmw-carit.de>
Date: Thu, 21 Feb 2013 17:42:30 +0100
Subject: [PATCH] iptables: Reset pointer after freeing

The match or the target might be reused in the next invocation
of iptables and then xtables operates on this invalid pointer.
xt_t->t and xt_m->m are keept alive via the global variables
xtables_targets and xtables_matches.
---
 src/iptables.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/iptables.c b/src/iptables.c
index 4d46a5b..44c5c73 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -2048,10 +2048,14 @@ static void cleanup_parse_context(struct parse_context *ctx)
 {
 	g_strfreev(ctx->argv);
 	g_free(ctx->ip);
-	if (ctx->xt_t != NULL)
+	if (ctx->xt_t != NULL) {
 		g_free(ctx->xt_t->t);
-	if (ctx->xt_m != NULL)
+		ctx->xt_t->t = NULL;
+	}
+	if (ctx->xt_m != NULL) {
 		g_free(ctx->xt_m->m);
+		ctx->xt_m->m = NULL;
+	}
 	g_free(ctx);
 }
 
-- 
2.7.4