xtables: do not proceed if nft_init fails

Fix a crash if nft_init fails, it happens if nfnetlink support is not available in your Linux kernel. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-06-25 11:56:55 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-30 23:50:34 +0100
commit: 9283066f1216276116b3f4f85abf18bd673a7b11 (patch)
tree: 453cc82a8a10c9ffa9b2724eff04e22d3c279c1c /iptables/xtables-save.c
parent: 137cc981906f356c971da6de13e777a419382ff4 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c
index 111ad4be..49b859dd 100644
--- a/iptables/xtables-save.c
+++ b/iptables/xtables-save.c
@@ -96,7 +96,13 @@ xtables_save_main(int argc, char *argv[])
 	init_extensions();
 	init_extensions4();
 #endif
-	nft_init(&h);
+	if (nft_init(&h) < 0) {
+		fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
+				xtables_globals.program_name,
+				xtables_globals.program_version,
+				strerror(errno));
+		exit(EXIT_FAILURE);
+	}
 
 	while ((c = getopt_long(argc, argv, "bcdt:46", options, NULL)) != -1) {
 		switch (c) {
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-06-25 11:56:55 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-30 23:50:34 +0100
commit	9283066f1216276116b3f4f85abf18bd673a7b11 (patch)
tree	453cc82a8a10c9ffa9b2724eff04e22d3c279c1c /iptables/xtables-save.c
parent	137cc981906f356c971da6de13e777a419382ff4 (diff)