nft already assumes that passing NULL as data_len is valid, otherwise it crashes. Fix this by leave data_len unset in this specific case. Fixes: bda7102 ("src: Fix nftnl_*_get_data() to return the real attribute length") Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- src/expr/dynset.c | 1 - src/set_elem.c | 1 - 2 files changed, 2 deletions(-) diff --git a/src/expr/dynset.c b/src/expr/dynset.c index 111bf8c..0eaa409 100644 --- a/src/expr/dynset.c +++ b/src/expr/dynset.c @@ -94,7 +94,6 @@ nftnl_expr_dynset_get(const struct nftnl_expr *e, uint16_t type, *data_len = sizeof(dynset->set_id); return &dynset->set_id; case NFTNL_EXPR_DYNSET_EXPR: - *data_len = 0; return dynset->expr; } return NULL; diff --git a/src/set_elem.c b/src/set_elem.c index 4e89210..7908661 100644 --- a/src/set_elem.c +++ b/src/set_elem.c @@ -184,7 +184,6 @@ const void *nftnl_set_elem_get(struct nftnl_set_elem *s, uint16_t attr, uint32_t *data_len = s->user.len; return s->user.data; case NFTNL_SET_ELEM_EXPR: - *data_len = 0; return s->expr; } return NULL; -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html