diff options
author | Thomas Haller <thaller@redhat.com> | 2023-08-18 11:40:39 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-08-24 09:01:45 +0200 |
commit | 33706f99ce56e178b058b180661aacbea2e79ce9 (patch) | |
tree | 86834208013df544a640221af5b0b28104ebfdb9 /py | |
parent | 2034d8c60ed91c36b74e86e0c195eb6f2c27f9fa (diff) |
py: fix exception during cleanup of half-initialized Nftables
When we create a Nftables instance against an older library version,
we might not find a symbol and fail with an exception when initializing
the context object.
Then, __del__() is still called, but resulting in a second exception
because self.__ctx is not set. Avoid that second exception.
$ python -c 'import nftables; nftables.Nftables()'
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/data/src/nftables/py/nftables.py", line 90, in __init__
self.nft_ctx_input_get_flags = lib.nft_ctx_input_get_flags
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.11/ctypes/__init__.py", line 389, in __getattr__
func = self.__getitem__(name)
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib64/python3.11/ctypes/__init__.py", line 394, in __getitem__
func = self._FuncPtr((name_or_ordinal, self))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: /lib64/libnftables.so.1: undefined symbol: nft_ctx_input_get_flags
Exception ignored in: <function Nftables.__del__ at 0x7f6315a2c540>
Traceback (most recent call last):
File "/data/src/nftables/py/nftables.py", line 166, in __del__
self.nft_ctx_free(self.__ctx)
^^^^^^^^^^^^^^^^^
AttributeError: 'Nftables' object has no attribute 'nft_ctx_free'
Signed-off-by: Thomas Haller <thaller@redhat.com>
Reviewed-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'py')
-rw-r--r-- | py/src/nftables.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/py/src/nftables.py b/py/src/nftables.py index 68fcd7dd..b1186781 100644 --- a/py/src/nftables.py +++ b/py/src/nftables.py @@ -74,6 +74,8 @@ class Nftables: is requested from the library and buffering of output and error streams is turned on. """ + self.__ctx = None + lib = cdll.LoadLibrary(sofile) ### API function definitions @@ -150,7 +152,9 @@ class Nftables: self.nft_ctx_buffer_error(self.__ctx) def __del__(self): - self.nft_ctx_free(self.__ctx) + if self.__ctx is not None: + self.nft_ctx_free(self.__ctx) + self.__ctx = None def __get_output_flag(self, name): flag = self.output_flags[name] |