From e0d9ff64a6a3062a706ab08d18792ba16a0f4f30 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Fri, 26 Apr 2024 16:39:49 +0200
Subject: conntrack: bsf: Do not return -1 on failure

Return values of the filter add functions are used to update an array
cursor, so sanely return 0 in error case.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 src/conntrack/bsf.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'src/conntrack')

diff --git a/src/conntrack/bsf.c b/src/conntrack/bsf.c
index 48fd4fa..1e78bad 100644
--- a/src/conntrack/bsf.c
+++ b/src/conntrack/bsf.c
@@ -336,7 +336,7 @@ add_state_filter_cta(struct sock_filter *this,
 	s = stack_create(sizeof(struct jump), 3 + 32);
 	if (s == NULL) {
 		errno = ENOMEM;
-		return -1;
+		return 0;
 	}
 
 	jt = 1;
@@ -403,7 +403,7 @@ add_state_filter(struct sock_filter *this,
 
 	if (cta[proto].cta_protoinfo == 0 && cta[proto].cta_state == 0) {
 		errno = ENOTSUP;
-		return -1;
+		return 0;
 	}
 
 	return add_state_filter_cta(this,
@@ -448,7 +448,7 @@ bsf_add_proto_filter(const struct nfct_filter *f, struct sock_filter *this)
 	s = stack_create(sizeof(struct jump), 3 + 255);
 	if (s == NULL) {
 		errno = ENOMEM;
-		return -1;
+		return 0;
 	}
 
 	jt = 1;
@@ -520,7 +520,7 @@ bsf_add_addr_ipv4_filter(const struct nfct_filter *f,
 	s = stack_create(sizeof(struct jump), 3 + 127);
 	if (s == NULL) {
 		errno = ENOMEM;
-		return -1;
+		return 0;
 	}
 
 	jt = 1;
@@ -605,7 +605,7 @@ bsf_add_addr_ipv6_filter(const struct nfct_filter *f,
 	s = stack_create(sizeof(struct jump), 3 + 80);
 	if (s == NULL) {
 		errno = ENOMEM;
-		return -1;
+		return 0;
 	}
 
 	jf = 1;
@@ -704,7 +704,7 @@ bsf_add_mark_filter(const struct nfct_filter *f, struct sock_filter *this)
 	s = stack_create(sizeof(struct jump), 3 + 127);
 	if (s == NULL) {
 		errno = ENOMEM;
-		return -1;
+		return 0;
 	}
 
 	jt = 1;
-- 
cgit v1.2.3