arptables: Fix incorrect strcmp() in nft_arp_rule_find()

Since nft_arp_rule_to_cs() may not set cs->jumpto, later call to
strcmp() may be passed a NULL pointer. Therefore check if the pointer is
valid before doing so.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index b8e8982653bb3511e16a60e6d9ea73d92dbde519..a2109c608670de5641a4fbd17d8a2705e475096d 100644 (file)
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -661,7 +661,7 @@ static bool nft_arp_rule_find(struct nft_family_ops *ops, struct nftnl_rule *r,
        if (!compare_targets(cs->target, this.target))
                return false;
 
-       if (strcmp(cs->jumpto, this.jumpto) != 0)
+       if (this.jumpto && strcmp(cs->jumpto, this.jumpto) != 0)
                return false;
 
        return true;