From 84af90ba5df8682cb2abecbc7bccf23aca94df77 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 23 Mar 2021 01:34:30 +0900
Subject: [PATCH] firewall-util: add missing return value check

---
 src/shared/firewall-util-nft.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/shared/firewall-util-nft.c b/src/shared/firewall-util-nft.c
index 05c322d353c..fb5857d9ec9 100644
--- a/src/shared/firewall-util-nft.c
+++ b/src/shared/firewall-util-nft.c
@@ -1006,9 +1006,11 @@ again:
 
         assert(tsize < NFT_DNAT_MSGS);
         if (add)
-                nft_add_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
+                r = nft_add_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
         else
-                nft_del_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
+                r = nft_del_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
+        if (r < 0)
+                goto out_unref;
 
         tsize++;
         assert(tsize < NFT_DNAT_MSGS);
-- 
2.47.3