diff options
| author | Daniel Wagner <daniel.wagner@bmw-carit.de> | 2013-03-06 16:08:51 +0100 |
|---|---|---|
| committer | Patrik Flykt <patrik.flykt@linux.intel.com> | 2013-03-07 10:07:09 +0200 |
| commit | a235ce6ae6276cf69932b4f5f9994617f08baa1f (patch) | |
| tree | e0a446a5d39a8e71badf5b8e883db5637a2db0f4 /src/iptables.c | |
| parent | 4a3961caed734cf6aa1a445b2ae2388dcda9ff17 (diff) | |
| download | connman-a235ce6ae6276cf69932b4f5f9994617f08baa1f.tar.gz connman-a235ce6ae6276cf69932b4f5f9994617f08baa1f.tar.bz2 connman-a235ce6ae6276cf69932b4f5f9994617f08baa1f.zip | |
iptables: Do not flush in the wrong order
Diffstat (limited to 'src/iptables.c')
| -rw-r--r-- | src/iptables.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/iptables.c b/src/iptables.c index 9e56d0bb..3ae84178 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -2310,6 +2310,14 @@ void flush_table(const char *name) table->blob_entries->size, flush_table_cb, &chains); + + /* + * The offset update code is fragile and it works + * only safe if we remove elements and move forwards + * in the table. + */ + chains = g_slist_reverse(chains); + for (list = chains; list != NULL; list = list->next) { char *chain = list->data; |