From a2246a4d1fc2335dbd71478e0a629f870f0fd9af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Mon, 28 Jan 2019 17:08:52 +0100
Subject: [PATCH] Disable locking
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

iptables before 1.6.0 added a fifth argument to do_command4() to
control locking. The Perl module never passed the argument and thus
invoked undefined behavior.

This became visible in iptables-1.8.0 that changed the locking and
that caused an infinite loop in Perl iptables_do_command(). The
iptables locking mechanism is not friendly for libraries, it can call
exit(2).

This patch fixes the infinite loop by disabling locking
explicitly.

<https://bugzilla.redhat.com/show_bug.cgi?id=1670047>

Signed-off-by: Petr Písař <ppisar@redhat.com>
---
 libiptc.xs | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/libiptc.xs b/libiptc.xs
index 790c93e..512a777 100644
--- a/libiptc.xs
+++ b/libiptc.xs
@@ -517,10 +517,13 @@ iptables_do_command(self, array_ref)
 	 * actually is a bug), thus we need to assign something valid
 	 * to fake_table, to avoid a segfault.
 	 */
-#if XTABLES_VERSION_CODE >= 7
-#define do_command do_command4
-#endif
+#if XTABLES_VERSION_CODE >= 11
+	RETVAL = do_command4(argc, argv, &fake_table, &self, true);
+#elif XTABLES_VERSION_CODE >= 7
+	RETVAL = do_command4(argc, argv, &fake_table, &self);
+#else
 	RETVAL = do_command(argc, argv, &fake_table, &self);
+#endif
 	if (!RETVAL) {
 	    SET_ERRNUM(errno);
 	    SET_ERRSTR("%s", iptc_strerror(errno));
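Review bot: The bare `true` passed as the fifth argument on the `XTABLES_VERSION_CODE >= 11` branch does not say what it controls; the commit message states that it disables locking, so a short comment on that line (for example `/* fifth argument: disable locking, rhbz#1670047 */`) would keep that intent next to the call. The hunk also adds no include, so confirm that `true` is defined in libiptc.xs on every supported build (for instance via `<stdbool.h>`), and consider noting which iptables release `XTABLES_VERSION_CODE` 11 corresponds to, since the message refers to 1.6.0 and 1.8.0 by release number rather than by version code.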
-- 
2.17.2