|
 |
576484 |
From 6857a112296dee96966212a88bf671bd76467d95 Mon Sep 17 00:00:00 2001
|
|
|
576484 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
576484 |
Date: Mon, 24 Feb 2020 16:14:16 +0100
|
|
|
576484 |
Subject: [PATCH] xtables-monitor: Fix segfault when tracing
|
|
|
576484 |
|
|
|
576484 |
This is a minimal fix extracted from upstream commit d0446ab11182f
|
|
|
576484 |
("xtables: Review nft_init()") which was deemed too untrusive for late
|
|
|
576484 |
inclusion into RHEL8.2.
|
|
|
576484 |
|
|
|
576484 |
(cherry picked from commit e6445667fd0f141ca301aeabeee312545dbf014a)
|
|
|
576484 |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
576484 |
---
|
|
|
576484 |
iptables/xtables-monitor.c | 7 ++++++-
|
|
|
576484 |
1 file changed, 6 insertions(+), 1 deletion(-)
|
|
|
576484 |
|
|
|
576484 |
diff --git a/iptables/xtables-monitor.c b/iptables/xtables-monitor.c
|
|
|
576484 |
index a5245d1422af9..737c35f2ac60c 100644
|
|
|
576484 |
--- a/iptables/xtables-monitor.c
|
|
|
576484 |
+++ b/iptables/xtables-monitor.c
|
|
|
576484 |
@@ -595,7 +595,9 @@ int xtables_monitor_main(int argc, char *argv[])
|
|
|
576484 |
struct mnl_socket *nl;
|
|
|
576484 |
char buf[MNL_SOCKET_BUFFER_SIZE];
|
|
|
576484 |
uint32_t nfgroup = 0;
|
|
|
576484 |
- struct nft_handle h = {};
|
|
|
576484 |
+ struct nft_handle h = {
|
|
|
576484 |
+ .family = AF_INET,
|
|
|
576484 |
+ };
|
|
|
576484 |
struct cb_arg cb_arg = {
|
|
|
576484 |
.h = &h,
|
|
|
576484 |
};
|
|
|
576484 |
@@ -622,6 +624,9 @@ int xtables_monitor_main(int argc, char *argv[])
|
|
|
576484 |
strerror(errno));
|
|
|
576484 |
exit(EXIT_FAILURE);
|
|
|
576484 |
}
|
|
|
576484 |
+ h.ops = nft_family_ops_lookup(h.family);
|
|
|
576484 |
+ if (!h.ops)
|
|
|
576484 |
+ xtables_error(PARAMETER_PROBLEM, "Unknown family");
|
|
|
576484 |
|
|
|
576484 |
opterr = 0;
|
|
|
576484 |
while ((c = getopt_long(argc, argv, "ceht46V", options, NULL)) != -1) {
|
|
|
576484 |
--
|
|
|
576484 |
2.25.1
|
|
|
576484 |
|