@@ -258,7 +258,7 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, char *xml)
/* Get and set <sreg_addr_min_v4>. Not mandatory */
node = mxmlFindElement(tree, tree, "sreg_addr_min_v4", NULL, NULL,
MXML_DESCEND);
- if (node == NULL) {
+ if (node != NULL) {
tmp = strtoull(node->child->value.opaque, &endptr, 10);
if (tmp > UINT32_MAX || tmp < 0 || *endptr)
goto err;
@@ -270,7 +270,7 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, char *xml)
/* Get and set <sreg_addr_max_v4>. Not mandatory */
node = mxmlFindElement(tree, tree, "sreg_addr_max_v4", NULL, NULL,
MXML_DESCEND);
- if (node == NULL) {
+ if (node != NULL) {
tmp = strtoull(node->child->value.opaque, &endptr, 10);
if (tmp > UINT32_MAX || tmp < 0 || *endptr)
goto err;
@@ -282,7 +282,7 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, char *xml)
/* Get and set <sreg_proto_min>. Not mandatory */
node = mxmlFindElement(tree, tree, "sreg_proto_min", NULL, NULL,
MXML_DESCEND);
- if (node == NULL) {
+ if (node != NULL) {
tmp = strtoull(node->child->value.opaque, &endptr, 10);
if (tmp > UINT32_MAX || tmp < 0 || *endptr)
goto err;
@@ -294,7 +294,7 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, char *xml)
/* Get and set <sreg_proto_max>. Not mandatory */
node = mxmlFindElement(tree, tree, "sreg_proto_max", NULL, NULL,
MXML_DESCEND);
- if (node == NULL) {
+ if (node != NULL) {
tmp = strtoull(node->child->value.opaque, &endptr, 10);
if (tmp > UINT32_MAX || tmp < 0 || *endptr)
goto err;
If the node isn't present, this produces segfault. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> --- src/expr/nat.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html