From 1be5e6f808e3908ecd13ab68b3fea0739794f02d Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Mon, 20 Nov 2017 16:54:04 +0100 Subject: libnftables: Ensure output_fp is never NULL Initialize output_fp to 'stdout' upon context creation and check output stream validity in nft_ctx_set_output(). This allows to drop checks in nft_{gmp_,}print() and do_command_export(). While doing so for the latter, simplify it a bit by using nft_print() which takes care of flushing the output stream. If applications desire to drop all output, they are supposed to open /dev/null and assign that. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- src/libnftables.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'src/libnftables.c') diff --git a/src/libnftables.c b/src/libnftables.c index e8fa6742..c86d8947 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -167,6 +167,7 @@ struct nft_ctx *nft_ctx_new(uint32_t flags) ctx->parser_max_errors = 10; init_list_head(&ctx->cache.list); ctx->flags = flags; + ctx->output.output_fp = stdout; if (flags == NFT_CTX_DEFAULT) nft_ctx_netlink_init(ctx); @@ -190,6 +191,9 @@ FILE *nft_ctx_set_output(struct nft_ctx *ctx, FILE *fp) { FILE *old = ctx->output.output_fp; + if (!fp || ferror(fp)) + return NULL; + ctx->output.output_fp = fp; return old; @@ -333,9 +337,6 @@ int nft_print(struct output_ctx *octx, const char *fmt, ...) int ret; va_list arg; - if (!octx->output_fp) - return -1; - va_start(arg, fmt); ret = vfprintf(octx->output_fp, fmt, arg); va_end(arg); @@ -349,9 +350,6 @@ int nft_gmp_print(struct output_ctx *octx, const char *fmt, ...) int ret; va_list arg; - if (!octx->output_fp) - return -1; - va_start(arg, fmt); ret = gmp_vfprintf(octx->output_fp, fmt, arg); va_end(arg); -- cgit v1.2.3