diff options
| author |   Pablo Neira Ayuso <pablo@netfilter.org> | 2005-11-09 12:59:41 -0800 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2005-11-09 12:59:41 -0800 |
| commit | 51df784ed739246a3774b300e5f536e17bec36ed (patch) | |
| tree | 866c76ffab5fa6c19648829f46dfcaee6f314a7d /net | |
| parent | [NETFILTER] nfnetlink: nfattr_parse() can never fail, make it void (diff) | |
| download | linux-dev-51df784ed739246a3774b300e5f536e17bec36ed.tar.xz linux-dev-51df784ed739246a3774b300e5f536e17bec36ed.zip | |
[NETFILTER] ctnetlink: check if protoinfo is present
This fixes an oops triggered from userspace. If we don't pass information
about the private protocol info, the reference to attr will be NULL. This is
likely to happen in update messages.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c index 6ea4b22ff28d..468c6003b4c7 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c @@ -362,6 +362,11 @@ static int nfattr_to_tcp(struct nfattr *cda[], struct ip_conntrack *ct) struct nfattr *attr = cda[CTA_PROTOINFO_TCP-1]; struct nfattr *tb[CTA_PROTOINFO_TCP_MAX]; + /* updates could not contain anything about the private + * protocol info, in that case skip the parsing */ + if (!attr) + return 0; + nfattr_parse_nested(tb, CTA_PROTOINFO_TCP_MAX, attr); if (!tb[CTA_PROTOINFO_TCP_STATE-1]) |