util/linuxfw: return error instead of nil pointer dereference

Issue #19737 ran into a nil pointer dereference, the cause of which was fixed by #19761. If we end up on this code path with a nil table again, we should bubble that up as an error (which is logged by the health warning system) rather than failing catastrophically. Signed-off-by: Naman Sood <mail@nsood.in>
2026-06-01 04:26:49 -04:00 · 2026-05-19 10:01:07 -04:00
parent 2b338dd6a8
commit 5d56cc8512
1 changed files with 3 additions and 0 deletions
--- a/util/linuxfw/nftables_runner.go
+++ b/util/linuxfw/nftables_runner.go
@@ -416,6 +416,9 @@ func (e errorChainNotFound) Error() string {
 // getChainFromTable returns the chain with the given name from the given table.
 // Note that a chain name is unique within a table.
 func getChainFromTable(c *nftables.Conn, table *nftables.Table, name string) (*nftables.Chain, error) {
+	if table == nil {
+		return nil, fmt.Errorf("could not get chain %q: table not initialized", name)
+	}
 	chains, err := c.ListChainsOfTableFamily(table.Family)
 	if err != nil {
 		return nil, fmt.Errorf("list chains: %w", err)