From cfe671fa741c9669cadc5dfbf9ae63eb440601cf Mon Sep 17 00:00:00 2001
From: Arturo Borrero <arturo.borrero.glez@gmail.com>
Date: Wed, 26 Feb 2014 19:13:26 +0100
Subject: src: check if netlink parsing fails

We have to check if mnl_attr_parse() returns an error, which means that it
failed to validate and retrieve the attributes.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/set_elem.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/set_elem.c')

diff --git a/src/set_elem.c b/src/set_elem.c
index 79fc641..ff2c9d5 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -252,7 +252,11 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
 	if (e == NULL)
 		return -1;
 
-	mnl_attr_parse_nested(nest, nft_set_elem_parse_attr_cb, tb);
+	if (mnl_attr_parse_nested(nest, nft_set_elem_parse_attr_cb, tb) < 0) {
+		nft_set_elem_free(e);
+		return -1;
+	}
+
 	if (tb[NFTA_SET_ELEM_FLAGS]) {
 		e->set_elem_flags =
 			ntohl(mnl_attr_get_u32(tb[NFTA_SET_ELEM_FLAGS]));
@@ -338,7 +342,10 @@ int nft_set_elems_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s)
 	struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
 	int ret = 0;
 
-	mnl_attr_parse(nlh, sizeof(*nfg), nft_set_elem_list_parse_attr_cb, tb);
+	if (mnl_attr_parse(nlh, sizeof(*nfg),
+			   nft_set_elem_list_parse_attr_cb, tb) < 0)
+		return -1;
+
 	if (tb[NFTA_SET_ELEM_LIST_TABLE]) {
 		s->table =
 			strdup(mnl_attr_get_str(tb[NFTA_SET_ELEM_LIST_TABLE]));
-- 
cgit v1.2.3