Bug 1673274

Summary: Eliminate dead code in __nft_rule_list
Product: Red Hat Enterprise Linux 8 Reporter: Phil Sutter <psutter>
Component: iptablesAssignee: Phil Sutter <psutter>
Status: CLOSED ERRATA QA Contact: Jiri Peska <jpeska>
Severity: low Docs Contact:
Priority: low    
Version: 8.1CC: iptables-maint-list, jpeska, rkhan, todoleza
Target Milestone: rc   
Target Release: 8.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: iptables-1.8.2-13.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-05 22:17:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Phil Sutter 2019-02-07 08:22:17 UTC 
Covscan found some leftover dead code, fix sent upstream:

https://marc.info/?l=netfilter-devel&m=154952760504451&w=2
Comment 1 Phil Sutter 2019-05-20 12:17:43 UTC 
Upstream commit to backport:

commit 519f5bcd9c07e0092a1a019176c82fb3bfbd9ced
Author: Phil Sutter <phil>
Date:   Thu Feb 7 09:20:10 2019 +0100

    nft: Eliminate dead code in __nft_rule_list
    
    If passed a rulenum > 0, the function uses nftnl_rule_lookup_byindex()
    and returns early. Negative rulenum values are not supposed to happen,
    so the remaining code which iterates over the full list of rules does
    not need to respect rulenum anymore.
    
    Fixes: 039b048965210 ("nft: Make use of nftnl_rule_lookup_byindex()")
    Signed-off-by: Phil Sutter <phil>
    Signed-off-by: Florian Westphal <fw>
Comment 2 Phil Sutter 2019-06-12 16:42:37 UTC 
This is a covscan-related fix, so testing should be sanity only.
Comment 7 errata-xmlrpc 2019-11-05 22:17:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:3573