32 lines
876 B
Diff
32 lines
876 B
Diff
From 907da5c505b219537586f7c2bdb7320c4f97386f Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <phil@nwl.cc>
|
|
Date: Thu, 19 Jul 2018 18:31:53 +0200
|
|
Subject: xtables: fix crash if nft_rule_list_get() fails
|
|
|
|
Without this, trying to add a rule using ebtables without proper
|
|
permissions crashes the program.
|
|
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
---
|
|
iptables/nft.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/iptables/nft.c b/iptables/nft.c
|
|
index 3cacf5fe..e1788dba 100644
|
|
--- a/iptables/nft.c
|
|
+++ b/iptables/nft.c
|
|
@@ -1176,7 +1176,8 @@ nft_rule_append(struct nft_handle *h, const char *chain, const char *table,
|
|
if (batch_rule_add(h, type, r) < 0)
|
|
nftnl_rule_free(r);
|
|
|
|
- nft_rule_list_get(h);
|
|
+ if (!nft_rule_list_get(h))
|
|
+ return 0;
|
|
|
|
nftnl_rule_list_add_tail(r, h->rule_cache);
|
|
|
|
--
|
|
cgit v1.2.1
|
|
|