libnftables: Fix exit_cookie()

The output and error buffer feature depends on cookie->orig_fp to
indicate the current status of buffering: If it is set, a prior call to
init_cookie() is assumed. Though exit_cookie() missed to reset that
pointer to NULL. causing weird behaviour in applications if they do:

| nft = nft_ctx_new(0);
| nft_ctx_buffer_output(nft);
| nft_ctx_unbuffer_output(nft);
| nft_ctx_buffer_output(nft);

While being at it, apply the same fix to error path in init_cookie() as
well.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/libnftables.c b/src/libnftables.c
index 5bc7ba0d210ab0f6ef31e4605927a2eff83a385b..dda986ca27eade620d391d1525bb9dd27a9215ec 100644 (file)
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -198,6 +198,7 @@ static int init_cookie(struct cookie *cookie)
        cookie->fp = fopencookie(cookie, "w", cookie_fops);
        if (!cookie->fp) {
                cookie->fp = cookie->orig_fp;
+               cookie->orig_fp = NULL;
                return 1;
        }
 
@@ -211,6 +212,7 @@ static int exit_cookie(struct cookie *cookie)
 
        fclose(cookie->fp);
        cookie->fp = cookie->orig_fp;
+       cookie->orig_fp = NULL;
        free(cookie->buf);
        cookie->buf = NULL;
        cookie->buflen = 0;