From 3392883f4566030853184f261d3ec1a62a7b4c1d Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Fri, 30 Apr 2021 01:01:17 +0200 Subject: rule: skip fuzzy lookup for unexisting 64-bit handle Deletion by handle, if incorrect, should not exercise the misspell lookup functions. Fixes: 3a0e07106f66 ("src: combine extended netlink error reporting with mispelling support") Signed-off-by: Pablo Neira Ayuso --- src/cmd.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'src') diff --git a/src/cmd.c b/src/cmd.c index 9cb5b6a3..c04efce3 100644 --- a/src/cmd.c +++ b/src/cmd.c @@ -14,6 +14,9 @@ static int nft_cmd_enoent_table(struct netlink_ctx *ctx, const struct cmd *cmd, { struct table *table; + if (!cmd->handle.table.name) + return 0; + table = table_lookup_fuzzy(&cmd->handle, &ctx->nft->cache); if (!table) return 0; @@ -30,6 +33,9 @@ static int nft_cmd_enoent_chain(struct netlink_ctx *ctx, const struct cmd *cmd, const struct table *table; struct chain *chain; + if (!cmd->handle.chain.name) + return 0; + chain = chain_lookup_fuzzy(&cmd->handle, &ctx->nft->cache, &table); if (!chain) return 0; @@ -81,6 +87,9 @@ static int nft_cmd_enoent_set(struct netlink_ctx *ctx, const struct cmd *cmd, const struct table *table; struct set *set; + if (!cmd->handle.set.name) + return 0; + set = set_lookup_fuzzy(cmd->handle.set.name, &ctx->nft->cache, &table); if (!set) return 0; @@ -100,6 +109,9 @@ static int nft_cmd_enoent_obj(struct netlink_ctx *ctx, const struct cmd *cmd, const struct table *table; struct obj *obj; + if (!cmd->handle.obj.name) + return 0; + obj = obj_lookup_fuzzy(cmd->handle.obj.name, &ctx->nft->cache, &table); if (!obj) return 0; @@ -118,6 +130,9 @@ static int nft_cmd_enoent_flowtable(struct netlink_ctx *ctx, const struct table *table; struct flowtable *ft; + if (!cmd->handle.flowtable.name) + return 0; + ft = flowtable_lookup_fuzzy(cmd->handle.flowtable.name, &ctx->nft->cache, &table); if (!ft) -- cgit v1.2.3