netfilter: nft_ct: do cleanup work when NFTA_CT_DIRECTION is invalid

We should jump to invoke __nft_ct_set_destroy() instead of just return error. Fixes: edee4f1e9245 ("netfilter: nft_ct: add zone id set support") Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Acked-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Liping Zhang <zlpnobody@gmail.com> 2017-03-15 10:22:08 -0400
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2017-03-15 12:15:54 -0400
commit: 4494dbc6dec37817f2cc2aa7604039a9e87ada18 (patch)
tree: 58c35e56d52fe2045a7ea014ea35ad0a9c101323
parent: 04166f48d9593af4513ae06c0f966c0cee300a20 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 91585b5e5307..0264258c46fe 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -544,7 +544,8 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
                case IP_CT_DIR_REPLY:
                        break;
                default:
-                        return -EINVAL;
+                        err = -EINVAL;
+                        goto err1;
                }
        }
author	Liping Zhang <zlpnobody@gmail.com>	2017-03-15 10:22:08 -0400
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-03-15 12:15:54 -0400
commit	4494dbc6dec37817f2cc2aa7604039a9e87ada18 (patch)
tree	58c35e56d52fe2045a7ea014ea35ad0a9c101323
parent	04166f48d9593af4513ae06c0f966c0cee300a20 (diff)

diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c index 91585b5e5307..0264258c46fe 100644 --- a/net/netfilter/nft_ct.c +++ b/net/netfilter/nft_ct.c
@@ -544,7 +544,8 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
544	case IP_CT_DIR_REPLY:	544	case IP_CT_DIR_REPLY:
545	break;	545	break;
546	default:	546	default:
547	return -EINVAL;	547	err = -EINVAL;
		548	goto err1;
548	}	549	}
549	}	550	}
550		551