diff options
| author |   Liping Zhang <zlpnobody@gmail.com> | 2017-04-02 18:01:33 +0800 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2017-04-08 23:52:17 +0200 |
| commit | 207df81501021f6d1a935cebf8e1f34d6d25564b (patch) | |
| tree | a64275e3cf253dc9e3ec2b6f0bd635651746fa11 /net/netfilter/nf_conntrack_expect.c | |
| parent | netfilter: make it safer during the inet6_dev->addr_list traversal (diff) | |
| download | linux-dev-207df81501021f6d1a935cebf8e1f34d6d25564b.tar.xz linux-dev-207df81501021f6d1a935cebf8e1f34d6d25564b.zip | |
netfilter: ctnetlink: skip dumping expect when nfct_help(ct) is NULL
For IPCTNL_MSG_EXP_GET, if the CTA_EXPECT_MASTER attr is specified, then
the NLM_F_DUMP request will dump the expectations related to this
connection tracking.
But we forget to check whether the conntrack has nf_conn_help or not,
so if nfct_help(ct) is NULL, oops will happen:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: ctnetlink_exp_ct_dump_table+0xf9/0x1e0 [nf_conntrack_netlink]
Call Trace:
? ctnetlink_exp_ct_dump_table+0x75/0x1e0 [nf_conntrack_netlink]
netlink_dump+0x124/0x2a0
__netlink_dump_start+0x161/0x190
ctnetlink_dump_exp_ct+0x16c/0x1bc [nf_conntrack_netlink]
? ctnetlink_exp_fill_info.constprop.33+0xf0/0xf0 [nf_conntrack_netlink]
? ctnetlink_glue_seqadj+0x20/0x20 [nf_conntrack_netlink]
ctnetlink_get_expect+0x32e/0x370 [nf_conntrack_netlink]
? debug_lockdep_rcu_enabled+0x1d/0x20
nfnetlink_rcv_msg+0x60a/0x6a9 [nfnetlink]
? nfnetlink_rcv_msg+0x1b9/0x6a9 [nfnetlink]
[...]
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_conntrack_expect.c')
0 files changed, 0 insertions, 0 deletions