From 8bcf10b504c692deb3c98d395f42d34141f21e59 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 14 Dec 2017 20:40:24 +0100
Subject: set_elem: Don't return garbage in nftnl_set_elems_parse()

This might happen if netlink message is malformed (no nested attributes
are present), so treat this as an error and return -1 instead of
garbage to caller.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/set_elem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/set_elem.c b/src/set_elem.c
index e45dbc6..71c279a 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -490,7 +490,7 @@ nftnl_set_elem_list_parse_attr_cb(const struct nlattr *attr, void *data)
 static int nftnl_set_elems_parse(struct nftnl_set *s, const struct nlattr *nest)
 {
 	struct nlattr *attr;
-	int ret;
+	int ret = -1;
 
 	mnl_attr_for_each_nested(attr, nest) {
 		if (mnl_attr_get_type(attr) != NFTA_LIST_ELEM)
-- 
cgit v1.2.3