Harsha Sharma <harshasharmaiitr@xxxxxxxxx> wrote:
> Print error message and exit. For e.g.
>
> nft -c " "
> nft: no command specified
>
> Without this patch, it segfaults.
Right.
> strcat(buf, " ");
> }
> strcat(buf, "\n");
> +
> + for (unsigned int i = 0; i != strlen(buf); i++) {
> + if (buf[i] != ' ')
> + nchar++;
> + }
> +
> + if (nchar < 2) {
> + fprintf(stderr, "%s: no command specified\n", argv[0]);
> + exit(EXIT_FAILURE);
> + }
Hmm, this doesn't look like the right fix to me.
The crash occurs in mnl_socket_get_fd() because mnl_sock * points to
garbage.
If you look at "src/libnftables.c:nft_netlink()" you will see that
it iterates of &state->cmds. As there are none, struct netlink_ctx
remains uninitalized.
I guess we should just return when state->cmds is an empty list.
Could you take a look?
Thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
