From 37fbd141470c0bde506d1aff2dec8168faf30c1f Mon Sep 17 00:00:00 2001
From: Peter Millerchip <pete@millerchipsoftware.com>
Date: Tue, 11 Aug 2015 12:29:58 +0100
Subject: Fix potential null pointer dereference in netfilter

---
 src/firejail/netfilter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c
index dbed4ac30..fd8a9b2f3 100644
--- a/src/firejail/netfilter.c
+++ b/src/firejail/netfilter.c
@@ -67,9 +67,9 @@ void netfilter(const char *fname) {
 		}
 
 		filter = malloc(s.st_size + 1);	  // + '\0'
-		memset(filter, 0, s.st_size + 1);
 		if (!filter)
 			errExit("malloc");
+		memset(filter, 0, s.st_size + 1);
 
 		/* coverity[toctou] */
 		FILE *fp = fopen(fname, "r");
-- 
cgit v1.2.3-70-g09d2