firewall-util: add missing return value check

author Yu Watanabe <watanabe.yu+github@gmail.com>

Mon, 22 Mar 2021 16:34:30 +0000 (01:34 +0900)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 23 Mar 2021 06:17:44 +0000 (15:17 +0900)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Mon, 22 Mar 2021 16:34:30 +0000 (01:34 +0900)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 23 Mar 2021 06:17:44 +0000 (15:17 +0900)
diff --git a/src/shared/firewall-util-nft.c b/src/shared/firewall-util-nft.c

index 05c322d353cae5a2e8e82651f6e27d9663c97145..fb5857d9ec9c855a503a097eab8d1787ad97106b 100644 (file)
--- a/src/shared/firewall-util-nft.c
+++ b/src/shared/firewall-util-nft.c
@@ -1006,9 +1006,11 @@ again:
  
          assert(tsize < NFT_DNAT_MSGS);
          if (add)
-                nft_add_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
+                r = nft_add_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
          else
-                nft_del_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
+                r = nft_del_element(ctx->nfnl, &transaction[tsize], af, NFT_SYSTEMD_DNAT_MAP_NAME, key, sizeof(key), data, dlen);
+        if (r < 0)
+                goto out_unref;
  
          tsize++;
          assert(tsize < NFT_DNAT_MSGS);
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Mon, 22 Mar 2021 16:34:30 +0000 (01:34 +0900)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 23 Mar 2021 06:17:44 +0000 (15:17 +0900)