Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
nftables.32329
0001-cache-check-for-NULL-chain-in-cache_init.p...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-cache-check-for-NULL-chain-in-cache_init.patch of Package nftables.32329
From 6b7b7d5d219dca4465390f4a69096383d17782d3 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso <pablo@netfilter.org> Date: Thu, 1 Apr 2021 23:15:02 +0200 Subject: [PATCH] cache: check for NULL chain in cache_init() Another process might race to add chains after chain_cache_init(). The generation check does not help since it comes after cache_init(). NLM_F_DUMP_INTR only guarantees consistency within one single netlink dump operation, so it does not help either (cache population requires several netlink dump commands). Let's be safe and do not assume the chain exists in the cache when populating the rule cache. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- src/rule.c | 3 +++ 1 file changed, 3 insertions(+) Index: nftables-0.9.8/src/rule.c =================================================================== --- nftables-0.9.8.orig/src/rule.c +++ nftables-0.9.8/src/rule.c @@ -205,6 +205,9 @@ static int cache_init_objects(struct net if (!chain) chain = chain_binding_lookup(table, rule->handle.chain.name); + if (!chain) { + return -1; + } list_move_tail(&rule->list, &chain->rules); } if (ret < 0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor