From: Phil Sutter <phil@nwl.cc>
Date: Thu, 14 Dec 2017 19:40:24 +0000 (+0100)
Subject: set_elem: Don't return garbage in nftnl_set_elems_parse()
X-Git-Tag: libnftnl-1.0.9~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8bcf10b504c692deb3c98d395f42d34141f21e59;p=thirdparty%2Flibnftnl.git

set_elem: Don't return garbage in nftnl_set_elems_parse()

This might happen if netlink message is malformed (no nested attributes
are present), so treat this as an error and return -1 instead of
garbage to caller.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/src/set_elem.c b/src/set_elem.c
index e45dbc6b..71c279a5 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -490,7 +490,7 @@ nftnl_set_elem_list_parse_attr_cb(const struct nlattr *attr, void *data)
 static int nftnl_set_elems_parse(struct nftnl_set *s, const struct nlattr *nest)
 {
 	struct nlattr *attr;
-	int ret;
+	int ret = -1;
 
 	mnl_attr_for_each_nested(attr, nest) {
 		if (mnl_attr_get_type(attr) != NFTA_LIST_ELEM)