Fix potential deadlock condition in nft_get_handle

This was susceptible to the same deadlock issue that ipt_chain_exists
had and was fixed in d43db80 where if the command returned a significant
amount of output, it wouldn't all be read in, resulting in the
subprocess hanging waiting for the output to be read.
This commit is contained in:
Alex Tomlins 2019-01-22 21:12:43 +00:00 committed by Brian May
parent 04849df7e3
commit 0e99adc5d1

View File

@ -74,13 +74,13 @@ def nft_get_handle(expression, chain):
'PATH': os.environ['PATH'], 'PATH': os.environ['PATH'],
'LC_ALL': "C", 'LC_ALL': "C",
} }
p = ssubprocess.Popen(argv, stdout=ssubprocess.PIPE, env=env) try:
for line in p.stdout: output = ssubprocess.check_output(argv, env=env)
if (b'jump %s' % chain.encode('utf-8')) in line: for line in output.decode('utf-8').split('\n'):
return re.sub('.*# ', '', line.decode('utf-8')) if ('jump %s' % chain) in line:
rv = p.wait() return re.sub('.*# ', '', line)
if rv: except ssubprocess.CalledProcessError as e:
raise Fatal('%r returned %d' % (argv, rv)) raise Fatal('%r returned %d' % (argv, e.returncode))
_no_ttl_module = False _no_ttl_module = False