* [PATCH nft] rule: fix segmentation faults on kernels without nftables support
@ 2014-12-08 22:30 Pablo Neira Ayuso
0 siblings, 0 replies; only message in thread
From: Pablo Neira Ayuso @ 2014-12-08 22:30 UTC (permalink / raw)
To: netfilter-devel; +Cc: kaber
# nft list sets
Segmentation fault
# nft list sets
<cmdline>:1:1-9: Error: Could not receive sets from kernel: Protocol error
list sets
^^^^^^^^^
Fix same bug in `nft list tables'.
Don't cleanup the table object for these commands since it is NULL.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
src/rule.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/rule.c b/src/rule.c
index a79a420..9576664 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -870,7 +870,7 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
if (netlink_list_tables(ctx, &cmd->handle,
&cmd->location) < 0)
- goto err;
+ return -1;
list_for_each_entry(table, &ctx->list, list) {
printf("table %s\n", table->handle.table);
@@ -882,11 +882,12 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
return do_list_table(ctx, cmd, table);
case CMD_OBJ_SETS:
if (netlink_list_sets(ctx, &cmd->handle, &cmd->location) < 0)
- goto err;
+ return -1;
+
list_for_each_entry(set, &ctx->list, list){
if (netlink_get_setelems(ctx, &set->handle,
&cmd->location, set) < 0) {
- goto err;
+ return -1;
}
set_print(set);
}
--
1.7.10.4
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2014-12-08 22:28 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-12-08 22:30 [PATCH nft] rule: fix segmentation faults on kernels without nftables support Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).