openkylin
/
linux
mirror of https://gitee.com/openkylin/linux.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

[NETFILTER] ctnetlink: Fix refcount leak ip_conntrack/nat_proto 

Remove proto == NULL checking since ip_conntrack_[nat_]proto_find_get
always returns a valid pointer.

Fix missing ip_conntrack_proto_put in some paths.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Pablo Neira Ayuso 2005-11-22 14:54:34 -08:00 committed by David S. Miller
parent 0ff60a4567
commit 00cb277a4a
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
net/ipv4/netfilter/ip_conntrack_netlink.c
View File

@ -59,11 +59,13 @@ ctnetlink_dump_tuples_proto(struct sk_buff *skb,
NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
/* If no protocol helper is found, this function will return the
* generic protocol helper, so proto won't *ever* be NULL */
proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
if (likely(proto && proto->tuple_to_nfattr)) {
if (likely(proto->tuple_to_nfattr))
ret = proto->tuple_to_nfattr(skb, tuple);
ip_conntrack_proto_put(proto);
}
ip_conntrack_proto_put(proto);
return ret;
@ -128,9 +130,11 @@ ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct ip_conntrack *ct)
struct nfattr *nest_proto;
int ret;
if (!proto || !proto->to_nfattr)
if (!proto->to_nfattr) {
ip_conntrack_proto_put(proto);
return 0;
}
nest_proto = NFA_NEST(skb, CTA_PROTOINFO);
@ -527,10 +531,10 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr,
proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
if (likely(proto && proto->nfattr_to_tuple)) {
if (likely(proto->nfattr_to_tuple))
ret = proto->nfattr_to_tuple(tb, tuple);
ip_conntrack_proto_put(proto);
}
ip_conntrack_proto_put(proto);
return ret;
}
@ -596,8 +600,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr,
return -EINVAL;
npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum);
if (!npt)
return 0;
if (!npt->nfattr_to_range) {
ip_nat_proto_put(npt);
@ -957,8 +959,6 @@ ctnetlink_change_protoinfo(struct ip_conntrack *ct, struct nfattr *cda[])
nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr);
proto = ip_conntrack_proto_find_get(npt);
if (!proto)
return -EINVAL;
if (proto->from_nfattr)
err = proto->from_nfattr(tb, ct);