From: Marco d'Itri <md@linux.it>
Date: Sat, 14 May 2022 02:57:49 +0800
Subject: sig_fix

* Fri May  6 2005 Thomas Woerner <twoerner@redhat.com> 7.6-39
- fixed sig patch (#141110). Thanks to Nikita Shulga for the patch

* Mon Feb 10 2003 Harald Hoyer <harald@redhat.de> 7.6-29
- added security patch tcp_wrappers-7.6-sig.patch
---
 hosts_access.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hosts_access.c b/hosts_access.c
index 7ef0554..761e644 100644
--- a/hosts_access.c
+++ b/hosts_access.c
@@ -66,6 +66,7 @@ static char sep[] = ", \t\r\n";
 
 #define	YES		1
 #define	NO		0
+#define ERR             -1
 
  /*
   * These variables are globally visible so that they can be redirected in
@@ -131,11 +132,11 @@ struct request_info *request;
     verdict = setjmp(tcpd_buf);
     if (verdict != 0)
 	return (verdict == AC_PERMIT);
-    if (table_match(hosts_allow_table, request))
+    if (table_match(hosts_allow_table, request) == YES)
 	return (YES);
-    if (table_match(hosts_deny_table, request))
-	return (NO);
-    return (YES);
+    if (table_match(hosts_deny_table, request) == NO)
+	return (YES);
+    return (NO);
 }
 
 /* table_match - match table entries with (daemon, client) pair */
@@ -179,8 +180,9 @@ struct request_info *request;
 	(void) fclose(fp);
     } else if (errno != ENOENT) {
 	tcpd_warn("cannot open %s: %m", table);
+	match = ERR;
     }
-    if (match) {
+    if (match == YES) {
 	if (hosts_access_verbose > 1)
 	    syslog(LOG_DEBUG, "matched:  %s line %d",
 		   tcpd_context.file, tcpd_context.line);
