From: Daniel Wagner <daniel.wag...@bmw-carit.de> The list pointer is invalid after remove_table_entry(). Since we entering the 'if' body only for the first rule in a builtin chain we can safely update list to point to the next element. --- src/iptables.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/src/iptables.c b/src/iptables.c index 5e24efb..2c6580b 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -1022,6 +1022,22 @@ static int iptables_delete_rule(struct connman_iptables *table, entry = chain_head->data; builtin = entry->builtin; + if (builtin >= 0 && list == chain_head) { + /* + * We are about to remove the first rule in the + * chain. In this case we need to store the builtin + * value to the new chain_head. + * + * Note, for builtin chains, chain_head->next is + * always valid. A builtin chain has always a policy + * rule at the end. + */ + chain_head = chain_head->next; + + entry = chain_head->data; + entry->builtin = builtin; + } + entry = list->data; if (entry == NULL) return -EINVAL; @@ -1035,12 +1051,6 @@ static int iptables_delete_rule(struct connman_iptables *table, removed += remove_table_entry(table, entry); if (builtin >= 0) { - list = list->next; - if (list) { - entry = list->data; - entry->builtin = builtin; - } - table->underflow[builtin] -= removed; for (list = chain_tail; list; list = list->next) { entry = list->data; -- 1.8.2.rc3.16.gce432ca _______________________________________________ connman mailing list connman@connman.net http://lists.connman.net/listinfo/connman