From 5d56cc8512591ca707cd4fc990fccffe42146280 Mon Sep 17 00:00:00 2001 From: Naman Sood Date: Tue, 19 May 2026 10:01:07 -0400 Subject: [PATCH] util/linuxfw: return error instead of nil pointer dereference Issue #19737 ran into a nil pointer dereference, the cause of which was fixed by #19761. If we end up on this code path with a nil table again, we should bubble that up as an error (which is logged by the health warning system) rather than failing catastrophically. Signed-off-by: Naman Sood --- util/linuxfw/nftables_runner.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/util/linuxfw/nftables_runner.go b/util/linuxfw/nftables_runner.go index 639a044de..107eab951 100644 --- a/util/linuxfw/nftables_runner.go +++ b/util/linuxfw/nftables_runner.go @@ -416,6 +416,9 @@ func (e errorChainNotFound) Error() string { // getChainFromTable returns the chain with the given name from the given table. // Note that a chain name is unique within a table. func getChainFromTable(c *nftables.Conn, table *nftables.Table, name string) (*nftables.Chain, error) { + if table == nil { + return nil, fmt.Errorf("could not get chain %q: table not initialized", name) + } chains, err := c.ListChainsOfTableFamily(table.Family) if err != nil { return nil, fmt.Errorf("list chains: %w", err)