Don't ignore nested attribute parsing errors, this may hide bugs in
users' code.
Fixes: 0adceeab1597a ("src: add ct timeout support")
Signed-off-by: Phil Sutter <p...@nwl.cc>
---
src/obj/ct_timeout.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/obj/ct_timeout.c b/src/obj/ct_timeout.c
index e2e99917de7ae..a439432deee18 100644
--- a/src/obj/ct_timeout.c
+++ b/src/obj/ct_timeout.c
@@ -116,7 +116,7 @@ parse_timeout_attr_policy_cb(const struct nlattr *attr,
void *data)
return MNL_CB_OK;
}
-static void
+static int
timeout_parse_attr_data(struct nftnl_obj *e,
const struct nlattr *nest)
{
@@ -131,7 +131,8 @@ timeout_parse_attr_data(struct nftnl_obj *e,
memset(tb, 0, sizeof(struct nlattr *) * attr_max);
- mnl_attr_parse_nested(nest, parse_timeout_attr_policy_cb, &cnt);
+ if (mnl_attr_parse_nested(nest, parse_timeout_attr_policy_cb, &cnt) < 0)
+ return -1;
for (i = 1; i <= attr_max; i++) {
if (tb[i]) {
@@ -139,6 +140,7 @@ timeout_parse_attr_data(struct nftnl_obj *e,
ntohl(mnl_attr_get_u32(tb[i])));
}
}
+ return 0;
}
static int nftnl_obj_ct_timeout_set(struct nftnl_obj *e, uint16_t type,
@@ -248,7 +250,8 @@ nftnl_obj_ct_timeout_parse(struct nftnl_obj *e, struct
nlattr *attr)
e->flags |= (1 << NFTNL_OBJ_CT_TIMEOUT_L4PROTO);
}
if (tb[NFTA_CT_TIMEOUT_DATA]) {
- timeout_parse_attr_data(e, tb[NFTA_CT_TIMEOUT_DATA]);
+ if (timeout_parse_attr_data(e, tb[NFTA_CT_TIMEOUT_DATA]) < 0)
+ return -1;
e->flags |= (1 << NFTNL_OBJ_CT_TIMEOUT_ARRAY);
}
return 0;
--
2.23.0
