Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/net/npf Don't silently ignore the errors from npfctl_run...



details:   https://anonhg.NetBSD.org/src/rev/598b18dc32ed
branches:  trunk
changeset: 980221:598b18dc32ed
user:      christos <christos%NetBSD.org@localhost>
date:      Wed Jan 27 17:39:13 2021 +0000

description:
Don't silently ignore the errors from npfctl_run_op. We end up returning
packets to userland that are missing required fields (like in rule_add the
id of the rule) and npfctl aborts.

diffstat:

 sys/net/npf/npf_os.c |  9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diffs (26 lines):

diff -r 5de6a0c4ba4d -r 598b18dc32ed sys/net/npf/npf_os.c
--- a/sys/net/npf/npf_os.c      Wed Jan 27 15:52:46 2021 +0000
+++ b/sys/net/npf/npf_os.c      Wed Jan 27 17:39:13 2021 +0000
@@ -33,7 +33,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_os.c,v 1.20 2021/01/25 17:17:19 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_os.c,v 1.21 2021/01/27 17:39:13 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "pf.h"
@@ -298,8 +298,11 @@
 #endif
        }
        resp = nvlist_create(0);
-       npfctl_run_op(npf, cmd, req, resp);
-       error = nvlist_copyout(data, resp);
+
+       if ((error = npfctl_run_op(npf, cmd, req, resp)) == 0) {
+               error = nvlist_copyout(data, resp);
+       }
+
        nvlist_destroy(resp);
        nvlist_destroy(req);
 



Home | Main Index | Thread Index | Old Index