From a90827e88d1ad46172ecac6995c438d0320b518e Mon Sep 17 00:00:00 2001 From: brl Date: Mon, 14 Dec 2015 19:41:17 +0000 Subject: [PATCH] policyForPath() needs to be called with lock already held --- policy.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/policy.go b/policy.go index 5672627..d576803 100644 --- a/policy.go +++ b/policy.go @@ -26,8 +26,6 @@ type Policy struct { } func (fw *Firewall) policyForPath(path string) *Policy { - fw.lock.Lock() - defer fw.lock.Unlock() if _, ok := fw.policyMap[path]; !ok { p := new(Policy) p.fw = fw @@ -175,7 +173,9 @@ func (fw *Firewall) filterPacket(pkt *nfqueue.Packet) { pkt.Accept() return } + fw.lock.Lock() policy := fw.policyForPath(proc.exePath) + fw.lock.Unlock() policy.processPacket(pkt, proc) }