|
|
8cce6c |
From f5043360f8a340ea4b924edfe5c3779099671061 Mon Sep 17 00:00:00 2001
|
|
|
8cce6c |
From: Phil Sutter <phil@nwl.cc>
|
|
|
8cce6c |
Date: Thu, 20 Dec 2018 16:09:03 +0100
|
|
|
8cce6c |
Subject: [PATCH] nft: Review unclear return points
|
|
|
8cce6c |
|
|
|
8cce6c |
When converting to per table chain caches, these two error returns were
|
|
|
8cce6c |
marked for review but apparently forgotten. Make sure error condition is
|
|
|
8cce6c |
propagated when returning at those points.
|
|
|
8cce6c |
|
|
|
8cce6c |
Fixes: c58ecf9f8bcb7 ("xtables: Introduce per table chain caches")
|
|
|
8cce6c |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
8cce6c |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
8cce6c |
(cherry picked from commit 7e09582a57440f13796bdd5bd70466ef0913345b)
|
|
|
8cce6c |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
8cce6c |
---
|
|
|
8cce6c |
iptables/nft.c | 4 ++--
|
|
|
8cce6c |
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
8cce6c |
|
|
|
8cce6c |
diff --git a/iptables/nft.c b/iptables/nft.c
|
|
|
8cce6c |
index 9d20eb0eac2db..1fca1f17147f6 100644
|
|
|
8cce6c |
--- a/iptables/nft.c
|
|
|
8cce6c |
+++ b/iptables/nft.c
|
|
|
8cce6c |
@@ -2311,7 +2311,7 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
|
|
|
8cce6c |
|
|
|
8cce6c |
list = nft_chain_list_get(h, table);
|
|
|
8cce6c |
if (!list)
|
|
|
8cce6c |
- goto err; /* XXX: return 0 instead? */
|
|
|
8cce6c |
+ return 0;
|
|
|
8cce6c |
|
|
|
8cce6c |
iter = nftnl_chain_list_iter_create(list);
|
|
|
8cce6c |
if (iter == NULL)
|
|
|
8cce6c |
@@ -2450,7 +2450,7 @@ int nft_rule_list_save(struct nft_handle *h, const char *chain,
|
|
|
8cce6c |
|
|
|
8cce6c |
list = nft_chain_list_get(h, table);
|
|
|
8cce6c |
if (!list)
|
|
|
8cce6c |
- goto err; /* XXX: correct? */
|
|
|
8cce6c |
+ goto err;
|
|
|
8cce6c |
|
|
|
8cce6c |
/* Dump policies and custom chains first */
|
|
|
8cce6c |
if (!rulenum)
|
|
|
8cce6c |
--
|
|
|
8cce6c |
2.20.1
|
|
|
8cce6c |
|