nameif: fix use-after-free in ENABLE_FEATURE_CLEAN_UP code

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
diff --git a/networking/nameif.c b/networking/nameif.c
index 5d7e8f9..9a8846d 100644
--- a/networking/nameif.c
+++ b/networking/nameif.c
@@ -292,12 +292,11 @@
 			if (ch->mac && memcmp(ch->mac, ifr.ifr_hwaddr.sa_data, ETH_ALEN) != 0)
 				continue;
 			/* if we came here, all selectors have matched */
-			break;
+			goto found;
 		}
 		/* Nothing found for current interface */
-		if (!ch)
-			continue;
-
+		continue;
+ found:
 		if (strcmp(ifr.ifr_name, ch->ifname) != 0) {
 			strcpy(ifr.ifr_newname, ch->ifname);
 			ioctl_or_perror_and_die(ctl_sk, SIOCSIFNAME, &ifr,
@@ -313,10 +312,14 @@
 			ch->next->prev = ch->prev;
 		if (ENABLE_FEATURE_CLEAN_UP)
 			delete_eth_table(ch);
-	}
+	} /* while */
+
 	if (ENABLE_FEATURE_CLEAN_UP) {
-		for (ch = clist; ch; ch = ch->next)
+		ethtable_t *next;
+		for (ch = clist; ch; ch = next) {
+			next = ch->next;
 			delete_eth_table(ch);
+		}
 		config_close(parser);
 	};