aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2005-12-05 16:37:33 -0500
committerDavid S. Miller <davem@davemloft.net>2005-12-05 16:37:33 -0500
commit266c8543480e2202ab63d1d604a5ca049f350cd8 (patch)
tree77c754dce63f39e1f9dc2d1768ecd348c1d50c74
parent6636568cf85ef5898a892e90fcc88b61cca9ca27 (diff)
[NETFILTER]: Fix unbalanced read_unlock_bh in ctnetlink
NFA_NEST calls NFA_PUT which jumps to nfattr_failure if the skb has no room left. We call read_unlock_bh at nfattr_failure for the NFA_PUT inside the locked section, so move NFA_NEST inside the locked section too. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/netfilter/ip_conntrack_proto_tcp.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
index aeb7353d4777..e7fa29e576dc 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -341,9 +341,10 @@ static int tcp_print_conntrack(struct seq_file *s,
341static int tcp_to_nfattr(struct sk_buff *skb, struct nfattr *nfa, 341static int tcp_to_nfattr(struct sk_buff *skb, struct nfattr *nfa,
342 const struct ip_conntrack *ct) 342 const struct ip_conntrack *ct)
343{ 343{
344 struct nfattr *nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP); 344 struct nfattr *nest_parms;
345 345
346 read_lock_bh(&tcp_lock); 346 read_lock_bh(&tcp_lock);
347 nest_parms = NFA_NEST(skb, CTA_PROTOINFO_TCP);
347 NFA_PUT(skb, CTA_PROTOINFO_TCP_STATE, sizeof(u_int8_t), 348 NFA_PUT(skb, CTA_PROTOINFO_TCP_STATE, sizeof(u_int8_t),
348 &ct->proto.tcp.state); 349 &ct->proto.tcp.state);
349 read_unlock_bh(&tcp_lock); 350 read_unlock_bh(&tcp_lock);