diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2005-11-22 17:54:34 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-11-22 17:54:34 -0500 |
commit | 00cb277a4a1fb76aafb2fb28aa99f30546e619c5 (patch) | |
tree | 8ea9a2434eb55d2ff60bbff3dbc85817a7607493 /net | |
parent | 0ff60a45678e67b2547256a636fd00c1667ce4fa (diff) |
[NETFILTER] ctnetlink: Fix refcount leak ip_conntrack/nat_proto
Remove proto == NULL checking since ip_conntrack_[nat_]proto_find_get
always returns a valid pointer.
Fix missing ip_conntrack_proto_put in some paths.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index de9f4464438..6c18a2b6d5c 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c | |||
@@ -59,11 +59,13 @@ ctnetlink_dump_tuples_proto(struct sk_buff *skb, | |||
59 | 59 | ||
60 | NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); | 60 | NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); |
61 | 61 | ||
62 | /* If no protocol helper is found, this function will return the | ||
63 | * generic protocol helper, so proto won't *ever* be NULL */ | ||
62 | proto = ip_conntrack_proto_find_get(tuple->dst.protonum); | 64 | proto = ip_conntrack_proto_find_get(tuple->dst.protonum); |
63 | if (likely(proto && proto->tuple_to_nfattr)) { | 65 | if (likely(proto->tuple_to_nfattr)) |
64 | ret = proto->tuple_to_nfattr(skb, tuple); | 66 | ret = proto->tuple_to_nfattr(skb, tuple); |
65 | ip_conntrack_proto_put(proto); | 67 | |
66 | } | 68 | ip_conntrack_proto_put(proto); |
67 | 69 | ||
68 | return ret; | 70 | return ret; |
69 | 71 | ||
@@ -128,9 +130,11 @@ ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct ip_conntrack *ct) | |||
128 | 130 | ||
129 | struct nfattr *nest_proto; | 131 | struct nfattr *nest_proto; |
130 | int ret; | 132 | int ret; |
131 | 133 | ||
132 | if (!proto || !proto->to_nfattr) | 134 | if (!proto->to_nfattr) { |
135 | ip_conntrack_proto_put(proto); | ||
133 | return 0; | 136 | return 0; |
137 | } | ||
134 | 138 | ||
135 | nest_proto = NFA_NEST(skb, CTA_PROTOINFO); | 139 | nest_proto = NFA_NEST(skb, CTA_PROTOINFO); |
136 | 140 | ||
@@ -527,10 +531,10 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr, | |||
527 | 531 | ||
528 | proto = ip_conntrack_proto_find_get(tuple->dst.protonum); | 532 | proto = ip_conntrack_proto_find_get(tuple->dst.protonum); |
529 | 533 | ||
530 | if (likely(proto && proto->nfattr_to_tuple)) { | 534 | if (likely(proto->nfattr_to_tuple)) |
531 | ret = proto->nfattr_to_tuple(tb, tuple); | 535 | ret = proto->nfattr_to_tuple(tb, tuple); |
532 | ip_conntrack_proto_put(proto); | 536 | |
533 | } | 537 | ip_conntrack_proto_put(proto); |
534 | 538 | ||
535 | return ret; | 539 | return ret; |
536 | } | 540 | } |
@@ -596,8 +600,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr, | |||
596 | return -EINVAL; | 600 | return -EINVAL; |
597 | 601 | ||
598 | npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum); | 602 | npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum); |
599 | if (!npt) | ||
600 | return 0; | ||
601 | 603 | ||
602 | if (!npt->nfattr_to_range) { | 604 | if (!npt->nfattr_to_range) { |
603 | ip_nat_proto_put(npt); | 605 | ip_nat_proto_put(npt); |
@@ -957,8 +959,6 @@ ctnetlink_change_protoinfo(struct ip_conntrack *ct, struct nfattr *cda[]) | |||
957 | nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr); | 959 | nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr); |
958 | 960 | ||
959 | proto = ip_conntrack_proto_find_get(npt); | 961 | proto = ip_conntrack_proto_find_get(npt); |
960 | if (!proto) | ||
961 | return -EINVAL; | ||
962 | 962 | ||
963 | if (proto->from_nfattr) | 963 | if (proto->from_nfattr) |
964 | err = proto->from_nfattr(tb, ct); | 964 | err = proto->from_nfattr(tb, ct); |