time() may return -1 which is then assigned to an unsigned integer type and used as sequence number. The following code increments that number multiple times, so it may overflow and get libmnl confused. To avoid this, fall back to a starting sequence number of zero in case the call to time() failed. Signed-off-by: Phil Sutter <phil@xxxxxx> --- src/common.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/common.c b/src/common.c index bf4176ceb76eb..2189cc8a3e882 100644 --- a/src/common.c +++ b/src/common.c @@ -192,6 +192,9 @@ int nftnl_batch_is_supported(void) uint32_t seq = time(NULL), req_seq; int ret; + if (seq == (uint32_t)-1) + seq = 0; + nl = mnl_socket_open(NETLINK_NETFILTER); if (nl == NULL) return -1; -- 2.8.2 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
