xtables: fix crash if nft_rule_list_get() fails

Without this, trying to add a rule using ebtables without proper
permissions crashes the program.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/iptables/nft.c b/iptables/nft.c
index 3cacf5feb317fa39a8648ca2b145681a33d22b24..e1788dbadddd54842bef8cddebc2bf4c324fa57f 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1176,7 +1176,8 @@ nft_rule_append(struct nft_handle *h, const char *chain, const char *table,
        if (batch_rule_add(h, type, r) < 0)
                nftnl_rule_free(r);
 
-       nft_rule_list_get(h);
+       if (!nft_rule_list_get(h))
+               return 0;
 
        nftnl_rule_list_add_tail(r, h->rule_cache);