Re: [PATCH libnftnl, v2] fix some error checking in parser functions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jun 22, 2016 at 07:24:34PM +0200, Pablo Neira Ayuso wrote:
> On Mon, Jun 20, 2016 at 12:29:19PM +0200, Carlos Falgueras García wrote:
> > Use a variable 'ret' multiple times without treat the error between can
> > overwrite the previous error value, and may execute code which should not.
> 
> Applied, thanks.

I had to apply this chunk on top. Note that these two don't set 'ret'.

diff --git a/src/set_elem.c b/src/set_elem.c
index 94b50f9..00b7327 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -393,8 +393,10 @@ static int nftnl_set_elems_parse2(struct
nftnl_set *s, const struct nlattr *nest
         }
        if (tb[NFTA_SET_ELEM_EXPR]) {
                e->expr = nftnl_expr_parse(tb[NFTA_SET_ELEM_EXPR]);
-               if (e->expr == NULL)
+               if (e->expr == NULL) {
+                       ret = -1;
                        goto out_set_elem;
+               }
                e->flags |= (1 << NFTNL_SET_ELEM_EXPR);
        }
        if (tb[NFTA_SET_ELEM_USERDATA]) {
@@ -406,8 +408,10 @@ static int nftnl_set_elems_parse2(struct
nftnl_set *s, const struct nlattr *nest
 
                e->user.len  =
mnl_attr_get_payload_len(tb[NFTA_SET_ELEM_USERDATA]);
                e->user.data = malloc(e->user.len);
-               if (e->user.data == NULL)
+               if (e->user.data == NULL) {
+                       ret = -1;
                        goto out_expr;
+               }
                memcpy(e->user.data, udata, e->user.len);
          
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux