From 742f52eeb2bf587abb89dbd81ea0f6f58a9d7309 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 13 Jun 2018 19:18:24 +0200
Subject: [PATCH] libnftables: Fix exit_cookie()

The output and error buffer feature depends on cookie->orig_fp to
indicate the current status of buffering: If it is set, a prior call to
init_cookie() is assumed. Though exit_cookie() missed to reset that
pointer to NULL. causing weird behaviour in applications if they do:

| nft = nft_ctx_new(0);
| nft_ctx_buffer_output(nft);
| nft_ctx_unbuffer_output(nft);
| nft_ctx_buffer_output(nft);

While being at it, apply the same fix to error path in init_cookie() as
well.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
(cherry picked from commit 5ca7ad252366865225d5c59d297e71215b68f027)
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
 src/libnftables.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/libnftables.c b/src/libnftables.c
index 848c9cba65657..640693df93755 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -195,6 +195,7 @@ static int init_cookie(struct cookie *cookie)
 	cookie->fp = fopencookie(cookie, "w", cookie_fops);
 	if (!cookie->fp) {
 		cookie->fp = cookie->orig_fp;
+		cookie->orig_fp = NULL;
 		return 1;
 	}
 
@@ -208,6 +209,7 @@ static int exit_cookie(struct cookie *cookie)
 
 	fclose(cookie->fp);
 	cookie->fp = cookie->orig_fp;
+	cookie->orig_fp = NULL;
 	free(cookie->buf);
 	cookie->buf = NULL;
 	cookie->buflen = 0;
-- 
2.21.0