Version
v0.8.0
Problem
Current implementation does not check the size of ipt.executeList(args) 's return value, when you try to list an empty chain, this code will cause a index out of range panic.
// List rules in specified table/chain
func (ipt *IPTables) ListById(table, chain string, id int) (string, error) {
args := []string{"-t", table, "-S", chain, strconv.Itoa(id)}
rule, err := ipt.executeList(args)
if err != nil {
return "", err
}
return rule[0], nil
}Suggestion
Return error when chain is empty
// List rules in specified table/chain
func (ipt *IPTables) ListById(table, chain string, id int) (string, error) {
args := []string{"-t", table, "-S", chain, strconv.Itoa(id)}
rule, err := ipt.executeList(args)
if err != nil {
return "", err
}
if len(rule) == 0 {
return "", fmt.Errorf("chain %s in table %s is empty", chain, table)
}
return rule[0], err
}Or just return an empty string?
// List rules in specified table/chain
func (ipt *IPTables) ListById(table, chain string, id int) (string, error) {
args := []string{"-t", table, "-S", chain, strconv.Itoa(id)}
rule, err := ipt.executeList(args)
if err != nil {
return "", err
}
if len(rule) == 0 {
return "", nil
}
return rule[0], err
}
Version
v0.8.0
Problem
Current implementation does not check the size of
ipt.executeList(args)'s return value, when you try to list an empty chain, this code will cause a index out of range panic.Suggestion
Return error when chain is empty
Or just return an empty string?