The output and error buffer feature depends on cookie->orig_fp to indicate the current status of buffering: If it is set, a prior call to init_cookie() is assumed. Though exit_cookie() missed to reset that pointer to NULL. causing weird behaviour in applications if they do: | nft = nft_ctx_new(0); | nft_ctx_buffer_output(nft); | nft_ctx_unbuffer_output(nft); | nft_ctx_buffer_output(nft); While being at it, apply the same fix to error path in init_cookie() as well. Signed-off-by: Phil Sutter <phil@xxxxxx> --- src/libnftables.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libnftables.c b/src/libnftables.c index 4ee6bc0660418..77012e92d7495 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -198,6 +198,7 @@ static int init_cookie(struct cookie *cookie) cookie->fp = fopencookie(cookie, "w", cookie_fops); if (!cookie->fp) { cookie->fp = cookie->orig_fp; + cookie->orig_fp = NULL; return 1; } @@ -211,6 +212,7 @@ static int exit_cookie(struct cookie *cookie) fclose(cookie->fp); cookie->fp = cookie->orig_fp; + cookie->orig_fp = NULL; free(cookie->buf); cookie->buf = NULL; cookie->buflen = 0; -- 2.17.0 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html