[nft] libnftables: Fix exit_cookie()

Message ID	20180613171824.23796-1-phil@nwl.cc
State	Accepted
Delegated to:	Pablo Neira
Headers	show Return-Path: <netfilter-devel-owner@vger.kernel.org> From: Phil Sutter <phil@nwl.cc> To: Pablo Neira Ayuso <pablo@netfilter.org> Cc: netfilter-devel@vger.kernel.org Subject: [nft PATCH] libnftables: Fix exit_cookie() Date: Wed, 13 Jun 2018 19:18:24 +0200 Message-Id: <20180613171824.23796-1-phil@nwl.cc> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk
Series	[nft] libnftables: Fix exit_cookie() \| expand [nft] libnftables: Fix exit_cookie()

Message ID

20180613171824.23796-1-phil@nwl.cc

State

Accepted

Delegated to:

Pablo Neira

Headers

From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH] libnftables: Fix exit_cookie()
Date: Wed, 13 Jun 2018 19:18:24 +0200
Message-Id: <20180613171824.23796-1-phil@nwl.cc>
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk

Series

[nft] libnftables: Fix exit_cookie() | expand

Commit Message

Phil Sutter June 13, 2018, 5:18 p.m. UTC

The output and error buffer feature depends on cookie->orig_fp to
indicate the current status of buffering: If it is set, a prior call to
init_cookie() is assumed. Though exit_cookie() missed to reset that
pointer to NULL. causing weird behaviour in applications if they do:

| nft = nft_ctx_new(0);
| nft_ctx_buffer_output(nft);
| nft_ctx_unbuffer_output(nft);
| nft_ctx_buffer_output(nft);

While being at it, apply the same fix to error path in init_cookie() as
well.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 src/libnftables.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Pablo Neira Ayuso June 18, 2018, 9:13 a.m. UTC | #1

On Wed, Jun 13, 2018 at 07:18:24PM +0200, Phil Sutter wrote:
> The output and error buffer feature depends on cookie->orig_fp to
> indicate the current status of buffering: If it is set, a prior call to
> init_cookie() is assumed. Though exit_cookie() missed to reset that
> pointer to NULL. causing weird behaviour in applications if they do:
> 
> | nft = nft_ctx_new(0);
> | nft_ctx_buffer_output(nft);
> | nft_ctx_unbuffer_output(nft);
> | nft_ctx_buffer_output(nft);
> 
> While being at it, apply the same fix to error path in init_cookie() as
> well.

Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/src/libnftables.c b/src/libnftables.c
index 5ee4b8965fc81..760deecf2b899 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -198,6 +198,7 @@  static int init_cookie(struct cookie *cookie)
 	cookie->fp = fopencookie(cookie, "w", cookie_fops);
 	if (!cookie->fp) {
 		cookie->fp = cookie->orig_fp;
+		cookie->orig_fp = NULL;
 		return 1;
 	}
 
@@ -211,6 +212,7 @@  static int exit_cookie(struct cookie *cookie)
 
 	fclose(cookie->fp);
 	cookie->fp = cookie->orig_fp;
+	cookie->orig_fp = NULL;
 	free(cookie->buf);
 	cookie->buf = NULL;
 	cookie->buflen = 0;

[nft] libnftables: Fix exit_cookie()

Commit Message

Comments

Patch