diff mbox series

[iptables,3/3] xtables: Fix error return code in nft_chain_user_rename()

Message ID 20181112132947.9501-4-phil@nwl.cc
State Accepted
Headers show
Series A few minor fixes | expand

Commit Message

Phil Sutter Nov. 12, 2018, 1:29 p.m. UTC 
If the chain to rename wasn't found, the function would return -1 which
got interpreted as success.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 iptables/nft.c                                              | 4 ++--
 iptables/tests/shell/testcases/iptables/0004-return-codes_0 | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/iptables/nft.c b/iptables/nft.c
index e2a4902448680..28b08ce8e7bdd 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1755,14 +1755,14 @@  int nft_chain_user_rename(struct nft_handle *h,const char *chain,
 	c = nft_chain_find(h, table, chain);
 	if (c == NULL) {
 		errno = ENOENT;
-		return -1;
+		return 0;
 	}
 	handle = nftnl_chain_get_u64(c, NFTNL_CHAIN_HANDLE);
 
 	/* Now prepare the new name for the chain */
 	c = nftnl_chain_alloc();
 	if (c == NULL)
-		return -1;
+		return 0;
 
 	nftnl_chain_set(c, NFTNL_CHAIN_TABLE, (char *)table);
 	nftnl_chain_set(c, NFTNL_CHAIN_NAME, (char *)newname);
diff --git a/iptables/tests/shell/testcases/iptables/0004-return-codes_0 b/iptables/tests/shell/testcases/iptables/0004-return-codes_0
index 34dffeee4604a..5b6e1f6f1bc7a 100755
--- a/iptables/tests/shell/testcases/iptables/0004-return-codes_0
+++ b/iptables/tests/shell/testcases/iptables/0004-return-codes_0
@@ -23,6 +23,10 @@  cmd 1 iptables -N foo
 # iptables-nft allows this - bug or feature?
 #cmd 2 iptables -N "invalid name"
 
+# test chain rename
+cmd 0 iptables -E foo bar
+cmd 1 iptables -E foo bar
+
 # test rule adding
 cmd 0 iptables -A INPUT -j ACCEPT
 cmd 1 iptables -A noexist -j ACCEPT