diff options
| author | Florian Westphal <fw@strlen.de> | 2018-04-12 11:51:38 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2018-04-13 20:06:16 +0200 |
| commit | ce3c7808c2110d8b587cc5c54951232e50fe0636 (patch) | |
| tree | 99e699c0ce7075964d99446dc937d77d933d5dc1 | |
| parent | cb151d5f1a54e333498c3bf7a9d0bd93341dd5b6 (diff) | |
nft: make nft_init self-contained
nft_init() should rollback all changes it made during init
when something goes wrong, callers should NOT call nft_fini()
on error.
Note that this change is irrelevant at the moment, all users
call exit() on failure.
Signed-off-by: Florian Westphal <fw@strlen.de>
| -rw-r--r-- | iptables/nft.c | 4 | ||||
| -rw-r--r-- | iptables/xtables-standalone.c | 1 |
2 files changed, 3 insertions, 2 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index b3d9646d..fa01e241 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -767,8 +767,10 @@ int nft_init(struct nft_handle *h, struct builtin_table *t) if (h->nl == NULL) return -1; - if (mnl_socket_bind(h->nl, 0, MNL_SOCKET_AUTOPID) < 0) + if (mnl_socket_bind(h->nl, 0, MNL_SOCKET_AUTOPID) < 0) { + mnl_socket_close(h->nl); return -1; + } h->portid = mnl_socket_get_portid(h->nl); h->tables = t; diff --git a/iptables/xtables-standalone.c b/iptables/xtables-standalone.c index 139c477f..1a28c548 100644 --- a/iptables/xtables-standalone.c +++ b/iptables/xtables-standalone.c @@ -66,7 +66,6 @@ xtables_main(int family, const char *progname, int argc, char *argv[]) xtables_globals.program_name, xtables_globals.program_version, strerror(errno)); - nft_fini(&h); exit(EXIT_FAILURE); } |