commit 00cb277a4a1fb76aafb2fb28aa99f30546e619c5 · tjh.dev/kernel

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

[NETFILTER] ctnetlink: Fix refcount leak ip_conntrack/nat_proto

Remove proto == NULL checking since ip_conntrack_[nat_]proto_find_get
always returns a valid pointer.

Fix missing ip_conntrack_proto_put in some paths.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by Pablo Neira Ayuso and committed by David S. Miller 20 years ago 00cb277a 0ff60a45

+12 -12

1 changed file

expand all

unified split

net

ipv4

netfilter

ip_conntrack_netlink.c

+12 -12

net/ipv4/netfilter/ip_conntrack_netlink.c

··· 59 60 NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); 61 62 proto = ip_conntrack_proto_find_get(tuple->dst.protonum); 63 - if (likely(proto && proto->tuple_to_nfattr)) { 64 ret = proto->tuple_to_nfattr(skb, tuple); 65 - ip_conntrack_proto_put(proto); 66 - } 67 68 return ret; 69 ··· 130 131 struct nfattr *nest_proto; 132 int ret; 133 - 134 - if (!proto || !proto->to_nfattr) 135 return 0; 136 137 nest_proto = NFA_NEST(skb, CTA_PROTOINFO); 138 ··· 531 532 proto = ip_conntrack_proto_find_get(tuple->dst.protonum); 533 534 - if (likely(proto && proto->nfattr_to_tuple)) { 535 ret = proto->nfattr_to_tuple(tb, tuple); 536 - ip_conntrack_proto_put(proto); 537 - } 538 539 return ret; 540 } ··· 600 return -EINVAL; 601 602 npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum); 603 - if (!npt) 604 - return 0; 605 606 if (!npt->nfattr_to_range) { 607 ip_nat_proto_put(npt); ··· 959 nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr); 960 961 proto = ip_conntrack_proto_find_get(npt); 962 - if (!proto) 963 - return -EINVAL; 964 965 if (proto->from_nfattr) 966 err = proto->from_nfattr(tb, ct);

··· 59 60 NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); 61 62 + /* If no protocol helper is found, this function will return the 63 + * generic protocol helper, so proto won't *ever* be NULL */ 64 proto = ip_conntrack_proto_find_get(tuple->dst.protonum); 65 + if (likely(proto->tuple_to_nfattr)) 66 ret = proto->tuple_to_nfattr(skb, tuple); 67 + 68 + ip_conntrack_proto_put(proto); 69 70 return ret; 71 ··· 128 129 struct nfattr *nest_proto; 130 int ret; 131 + 132 + if (!proto->to_nfattr) { 133 + ip_conntrack_proto_put(proto); 134 return 0; 135 + } 136 137 nest_proto = NFA_NEST(skb, CTA_PROTOINFO); 138 ··· 527 528 proto = ip_conntrack_proto_find_get(tuple->dst.protonum); 529 530 + if (likely(proto->nfattr_to_tuple)) 531 ret = proto->nfattr_to_tuple(tb, tuple); 532 + 533 + ip_conntrack_proto_put(proto); 534 535 return ret; 536 } ··· 596 return -EINVAL; 597 598 npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum); 599 600 if (!npt->nfattr_to_range) { 601 ip_nat_proto_put(npt); ··· 957 nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr); 958 959 proto = ip_conntrack_proto_find_get(npt); 960 961 if (proto->from_nfattr) 962 err = proto->from_nfattr(tb, ct);