[Libvir] [patch 4/5] iptables: maintain rules in memory even when not writing to disk

Mark McLoughlin markmc at redhat.com
Wed Mar 21 13:38:43 UTC 2007

On Wed, 2007-03-21 at 09:15 -0400, Daniel Veillard wrote:
> On Wed, Mar 21, 2007 at 12:48:01PM +0000, Mark McLoughlin wrote:
> > Re-factor things a little for the next patch so that we maintain
> > the rules in memory even when we're not going to write them to
> > disk.
> [...]
> >      if (!(r = (char **)realloc(rules->rules, sizeof(char *) * (rules->nrules+1))))
> >          return ENOMEM;
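Review bot: the size passed to realloc, `sizeof(char *) * (rules->nrules+1)`, is computed with no bound on nrules, so it is worth checking that the multiplication cannot wrap before making the call. The `(char **)` cast on realloc's result is unnecessary in C and can be dropped. Taking the result in the temporary r rather than assigning to rules->rules directly is right, since the old table stays reachable on the ENOMEM return.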
>   Seems the rules tab is zeroed, but when you extend it you don't
> zero the new part of the array, but it may not give a problem in
> practice (or a very hard one to track down ;-)

	Well, I do immediately initialise it.

	The logic is a little obscure, but it's a fairly familiar idiom to me -
the nrules count isn't bumped until the new rule has been successfully
appended. If the appending fails, we just leave things as they are
rather than e.g. re-sizing the table back down again.
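
The idiom described in the reply above, as an added example that is not code from the patch or from libvirt: the table grows by one slot, the slot is initialised, and the count is bumped only once the append has succeeded. The struct and function names, the `fail_next_copy` test hook and the rule strings used to exercise it are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the patch's rules table; names are assumed. */
typedef struct {
    char **rules;   /* only entries [0, nrules) are initialised */
    size_t nrules;  /* number of valid entries */
} rule_table;

static int fail_next_copy;  /* assumed test hook: next copy fails once */

static char *copy_rule(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p;
    if (fail_next_copy) { fail_next_copy = 0; return NULL; }
    if ((p = malloc(n)))
        memcpy(p, s, n);
    return p;
}

/* Append a copy of rule. Returns 0 or ENOMEM; on failure every reader
 * bounded by nrules sees the table exactly as it was before the call. */
int rule_table_append(rule_table *t, const char *rule)
{
    char **r;
    if (t->nrules >= SIZE_MAX / sizeof(char *) - 1)
        return ENOMEM;              /* size computation would wrap */
    /* Grow by one slot via a temporary so the old pointer survives failure. */
    if (!(r = realloc(t->rules, sizeof(char *) * (t->nrules + 1))))
        return ENOMEM;
    t->rules = r;
    /* Initialise the new slot before it is counted. */
    if (!(r[t->nrules] = copy_rule(rule)))
        return ENOMEM;              /* slot stays allocated but uncounted */
    t->nrules++;                    /* bump only after a successful append */
    return 0;
}

void rule_table_free(rule_table *t)
{
    for (size_t i = 0; i < t->nrules; i++)
        free(t->rules[i]);
    free(t->rules);
    t->rules = NULL;
    t->nrules = 0;
}
```

After a failed append the table is one slot larger than nrules; the next successful append reuses that slot, so nothing is leaked and nothing uninitialised is ever read.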

