netfilter: ipset: Fix error path in set_target_v3_checkentry()

Fix error path and release the references properly.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Jozsef Kadlecsik 2019-06-10 12:58:26 +02:00
parent 13c6ba1f85
commit b1732e1638
1 changed files with 21 additions and 20 deletions


@ -439,6 +439,7 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
{ {
const struct xt_set_info_target_v3 *info = par->targinfo; const struct xt_set_info_target_v3 *info = par->targinfo;
ip_set_id_t index; ip_set_id_t index;
int ret = 0;
if (info->add_set.index != IPSET_INVALID_ID) { if (info->add_set.index != IPSET_INVALID_ID) {
index = ip_set_nfnl_get_byindex(par->net, index = ip_set_nfnl_get_byindex(par->net,
@ -456,17 +457,16 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
if (index == IPSET_INVALID_ID) { if (index == IPSET_INVALID_ID) {
pr_info_ratelimited("Cannot find del_set index %u as target\n", pr_info_ratelimited("Cannot find del_set index %u as target\n",
info->del_set.index); info->del_set.index);
if (info->add_set.index != IPSET_INVALID_ID) ret = -ENOENT;
ip_set_nfnl_put(par->net, goto cleanup_add;
info->add_set.index);
return -ENOENT;
} }
} }
if (info->map_set.index != IPSET_INVALID_ID) { if (info->map_set.index != IPSET_INVALID_ID) {
if (strncmp(par->table, "mangle", 7)) { if (strncmp(par->table, "mangle", 7)) {
pr_info_ratelimited("--map-set only usable from mangle table\n"); pr_info_ratelimited("--map-set only usable from mangle table\n");
return -EINVAL; ret = -EINVAL;
goto cleanup_del;
} }
if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) | if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) |
(info->flags & IPSET_FLAG_MAP_SKBQUEUE)) && (info->flags & IPSET_FLAG_MAP_SKBQUEUE)) &&
@ -474,20 +474,16 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
1 << NF_INET_LOCAL_OUT | 1 << NF_INET_LOCAL_OUT |
1 << NF_INET_POST_ROUTING))) { 1 << NF_INET_POST_ROUTING))) {
pr_info_ratelimited("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n"); pr_info_ratelimited("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n");
return -EINVAL; ret = -EINVAL;
goto cleanup_del;
} }
index = ip_set_nfnl_get_byindex(par->net, index = ip_set_nfnl_get_byindex(par->net,
info->map_set.index); info->map_set.index);
if (index == IPSET_INVALID_ID) { if (index == IPSET_INVALID_ID) {
pr_info_ratelimited("Cannot find map_set index %u as target\n", pr_info_ratelimited("Cannot find map_set index %u as target\n",
info->map_set.index); info->map_set.index);
if (info->add_set.index != IPSET_INVALID_ID) ret = -ENOENT;
ip_set_nfnl_put(par->net, goto cleanup_del;
info->add_set.index);
if (info->del_set.index != IPSET_INVALID_ID)
ip_set_nfnl_put(par->net,
info->del_set.index);
return -ENOENT;
} }
} }
@ -495,16 +491,21 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
info->del_set.dim > IPSET_DIM_MAX || info->del_set.dim > IPSET_DIM_MAX ||
info->map_set.dim > IPSET_DIM_MAX) { info->map_set.dim > IPSET_DIM_MAX) {
pr_info_ratelimited("SET target dimension over the limit!\n"); pr_info_ratelimited("SET target dimension over the limit!\n");
if (info->add_set.index != IPSET_INVALID_ID) ret = -ERANGE;
ip_set_nfnl_put(par->net, info->add_set.index); goto cleanup_mark;
if (info->del_set.index != IPSET_INVALID_ID)
ip_set_nfnl_put(par->net, info->del_set.index);
if (info->map_set.index != IPSET_INVALID_ID)
ip_set_nfnl_put(par->net, info->map_set.index);
return -ERANGE;
} }
return 0; return 0;
cleanup_mark:
if (info->map_set.index != IPSET_INVALID_ID)
ip_set_nfnl_put(par->net, info->map_set.index);
cleanup_del:
if (info->del_set.index != IPSET_INVALID_ID)
ip_set_nfnl_put(par->net, info->del_set.index);
cleanup_add:
if (info->add_set.index != IPSET_INVALID_ID)
ip_set_nfnl_put(par->net, info->add_set.index);
return ret;
} }
static void static void
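Review bot: The label `cleanup_mark` at the end of set_target_v3_checkentry() releases the map_set reference, so its name does not match what it undoes; `cleanup_map:` would keep the three labels parallel with the add/del/map references they drop. The labels depend on fall-through in reverse order of acquisition, which deserves a one-line comment above them, for example `/* Labels fall through: drop references in reverse order of acquisition. */`, because a reordered or misplaced label would leak or over-release a set reference without any compiler warning. The dimension check that jumps to this label appears to read only fields of `info`, so it could run before the first ip_set_nfnl_get_byindex() call and return -ERANGE with nothing to release. Parts of the function body lie between the hunks and are not visible here, so this is based on the shown lines only.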