From 8054062418b8ac2ff4347201b7e3a765e99ce6f3 Mon Sep 17 00:00:00 2001
From: Stephen Watt
Date: Thu, 21 Sep 2017 16:28:39 -0400
Subject: [PATCH] More checks in SGFW prompt GUI to prevent accidental startup race/panic condition. Increased default max concurrent prompts in standalone prompter to 5 connections. Fixed NULL dereference crash condition from recvfrom() error in go-nfnetlink vendor dependency.
---
 fw-prompt/fw-prompt.go | 22 +++++++++++++++++++
 sgfw/prompt.go | 2 +-
 .../subgraph/go-nfnetlink/nfnl_sock.go | 2 +-
 3 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/fw-prompt/fw-prompt.go b/fw-prompt/fw-prompt.go
index 5b03297..9782732 100644
--- a/fw-prompt/fw-prompt.go
+++ b/fw-prompt/fw-prompt.go
@@ -13,6 +13,7 @@ import (
 "strconv"
 "strings"
 "sync"
+ "time"
 "github.com/subgraph/fw-daemon/sgfw"
 )
@@ -318,6 +319,27 @@ func createListStore(general bool) *gtk.ListStore {
 func addRequest(listStore *gtk.ListStore, path, proto string, pid int, ipaddr, hostname string, port, uid, gid int, origin string, is_socks bool, optstring string, sandbox string) *decisionWaiter {
 if listStore == nil {
 listStore = globalLS
+ waitTimes := []int{ 1, 2, 5, 10 }
+
+ if listStore == nil {
+ log.Print("SGFW prompter was not ready to receive firewall request... waiting")
+ }
+
+ for _, wtime := range waitTimes {
+ time.Sleep(time.Duration(wtime) * time.Second)
+ listStore = globalLS
+
+ if listStore != nil {
+ break
+ }
+
+ log.Print("SGFW prompter is still waiting...")
+ }
+
+ }
+
+ if listStore == nil {
+ log.Fatal("SGFW prompter GUI failed to load for unknown reasons")
 }
 iter := listStore.Append()
diff --git a/sgfw/prompt.go b/sgfw/prompt.go
index f461a20..22df84f 100644
--- a/sgfw/prompt.go
+++ b/sgfw/prompt.go
@@ -15,7 +15,7 @@ import (
 var DoMultiPrompt = true
-const MAX_PROMPTS = 3
+const MAX_PROMPTS = 5
 var outstandingPrompts = 0
 var promptLock = &sync.Mutex{}
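Review bot: The retry loop added to addRequest runs its first iteration unconditionally, so a request that finds globalLS already set still sleeps one second before it is appended; only the first `log.Print` is guarded by the nil check. Put the test ahead of the sleep, for example `if listStore != nil { break }` as the first statement of the loop body, or move the whole loop inside the `if listStore == nil` that guards the log line. globalLS is also polled here with no lock or atomic, and where it is assigned is outside this hunk; if that happens on the GUI goroutine the read is a data race, and a ready signal (a closed channel or a sync.Once-style gate) would be more reliable than timed sleeps. `log.Fatal` after the last wait exits the whole prompter, so it is worth confirming how the daemon decides requests that were pending when the prompter goes away. addRequest's body continues past the end of the hunk.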
diff --git a/vendor/github.com/subgraph/go-nfnetlink/nfnl_sock.go b/vendor/github.com/subgraph/go-nfnetlink/nfnl_sock.go
index 550fc8d..b817358 100644
--- a/vendor/github.com/subgraph/go-nfnetlink/nfnl_sock.go
+++ b/vendor/github.com/subgraph/go-nfnetlink/nfnl_sock.go
@@ -347,10 +347,10 @@ func readErrno(data []byte) uint32 {
 // is returned as an error.
 func (s *NetlinkSocket) fillRecvBuffer() (int, error) {
 n, from, err := syscall.Recvfrom(s.fd, s.recvBuffer, 0)
- sa := from.(*syscall.SockaddrNetlink)
 if err != nil {
 return 0, err
 }
+ sa := from.(*syscall.SockaddrNetlink)
 if s.flags.isSet(FlagDebug) {
 fmt.Printf("from: %d\n", sa.Groups)
 }