From ce3c7808c2110d8b587cc5c54951232e50fe0636 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Thu, 12 Apr 2018 11:51:38 +0200 Subject: nft: make nft_init self-contained nft_init() should rollback all changes it made during init when something goes wrong, callers should NOT call nft_fini() on error. Note that this change is irrelevant at the moment, all users call exit() on failure. Signed-off-by: Florian Westphal --- iptables/nft.c | 4 +++- iptables/xtables-standalone.c | 1 - 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'iptables') diff --git a/iptables/nft.c b/iptables/nft.c index b3d9646d..fa01e241 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -767,8 +767,10 @@ int nft_init(struct nft_handle *h, struct builtin_table *t) if (h->nl == NULL) return -1; - if (mnl_socket_bind(h->nl, 0, MNL_SOCKET_AUTOPID) < 0) + if (mnl_socket_bind(h->nl, 0, MNL_SOCKET_AUTOPID) < 0) { + mnl_socket_close(h->nl); return -1; + } h->portid = mnl_socket_get_portid(h->nl); h->tables = t; diff --git a/iptables/xtables-standalone.c b/iptables/xtables-standalone.c index 139c477f..1a28c548 100644 --- a/iptables/xtables-standalone.c +++ b/iptables/xtables-standalone.c @@ -66,7 +66,6 @@ xtables_main(int family, const char *progname, int argc, char *argv[]) xtables_globals.program_name, xtables_globals.program_version, strerror(errno)); - nft_fini(&h); exit(EXIT_FAILURE); } -- cgit v1.2.3