From 100ca4356c4a97655cbdf1d433ae1ac159514daa Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 8 Dec 2014 20:03:42 +0100
Subject: rule: fix segmentation faults on kernels without nftables support

 # nft list sets
 Segmentation fault

 # nft list sets
 <cmdline>:1:1-9: Error: Could not receive sets from kernel: Protocol error
 list sets
 ^^^^^^^^^

Fix same bug in `nft list tables'.

Don't cleanup the table object for these commands since it is NULL.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/rule.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/rule.c b/src/rule.c
index a79a4203..95766646 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -870,7 +870,7 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
 
 			if (netlink_list_tables(ctx, &cmd->handle,
 						&cmd->location) < 0)
-				goto err;
+				return -1;
 
 			list_for_each_entry(table, &ctx->list, list) {
 				printf("table %s\n", table->handle.table);
@@ -882,11 +882,12 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
 		return do_list_table(ctx, cmd, table);
 	case CMD_OBJ_SETS:
 		if (netlink_list_sets(ctx, &cmd->handle, &cmd->location) < 0)
-			goto err;
+			return -1;
+
 		list_for_each_entry(set, &ctx->list, list){
 			if (netlink_get_setelems(ctx, &set->handle,
 						 &cmd->location, set) < 0) {
-				goto err;
+				return -1;
 			}
 			set_print(set);
 		}
-- 
cgit v1.2.3