aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2005-11-22 17:54:34 -0500
committerDavid S. Miller <davem@davemloft.net>2005-11-22 17:54:34 -0500
commit00cb277a4a1fb76aafb2fb28aa99f30546e619c5 (patch)
tree8ea9a2434eb55d2ff60bbff3dbc85817a7607493
parent0ff60a45678e67b2547256a636fd00c1667ce4fa (diff)
[NETFILTER] ctnetlink: Fix refcount leak ip_conntrack/nat_proto
Remove proto == NULL checking since ip_conntrack_[nat_]proto_find_get always returns a valid pointer. Fix missing ip_conntrack_proto_put in some paths. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/netfilter/ip_conntrack_netlink.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index de9f4464438d..6c18a2b6d5ce 100644
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -59,11 +59,13 @@ ctnetlink_dump_tuples_proto(struct sk_buff *skb,
59 59
60 NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); 60 NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
61 61
62 /* If no protocol helper is found, this function will return the
63 * generic protocol helper, so proto won't *ever* be NULL */
62 proto = ip_conntrack_proto_find_get(tuple->dst.protonum); 64 proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
63 if (likely(proto && proto->tuple_to_nfattr)) { 65 if (likely(proto->tuple_to_nfattr))
64 ret = proto->tuple_to_nfattr(skb, tuple); 66 ret = proto->tuple_to_nfattr(skb, tuple);
65 ip_conntrack_proto_put(proto); 67
66 } 68 ip_conntrack_proto_put(proto);
67 69
68 return ret; 70 return ret;
69 71
@@ -128,9 +130,11 @@ ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct ip_conntrack *ct)
128 130
129 struct nfattr *nest_proto; 131 struct nfattr *nest_proto;
130 int ret; 132 int ret;
131 133
132 if (!proto || !proto->to_nfattr) 134 if (!proto->to_nfattr) {
135 ip_conntrack_proto_put(proto);
133 return 0; 136 return 0;
137 }
134 138
135 nest_proto = NFA_NEST(skb, CTA_PROTOINFO); 139 nest_proto = NFA_NEST(skb, CTA_PROTOINFO);
136 140
@@ -527,10 +531,10 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr,
527 531
528 proto = ip_conntrack_proto_find_get(tuple->dst.protonum); 532 proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
529 533
530 if (likely(proto && proto->nfattr_to_tuple)) { 534 if (likely(proto->nfattr_to_tuple))
531 ret = proto->nfattr_to_tuple(tb, tuple); 535 ret = proto->nfattr_to_tuple(tb, tuple);
532 ip_conntrack_proto_put(proto); 536
533 } 537 ip_conntrack_proto_put(proto);
534 538
535 return ret; 539 return ret;
536} 540}
@@ -596,8 +600,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr,
596 return -EINVAL; 600 return -EINVAL;
597 601
598 npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum); 602 npt = ip_nat_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum);
599 if (!npt)
600 return 0;
601 603
602 if (!npt->nfattr_to_range) { 604 if (!npt->nfattr_to_range) {
603 ip_nat_proto_put(npt); 605 ip_nat_proto_put(npt);
@@ -957,8 +959,6 @@ ctnetlink_change_protoinfo(struct ip_conntrack *ct, struct nfattr *cda[])
957 nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr); 959 nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr);
958 960
959 proto = ip_conntrack_proto_find_get(npt); 961 proto = ip_conntrack_proto_find_get(npt);
960 if (!proto)
961 return -EINVAL;
962 962
963 if (proto->from_nfattr) 963 if (proto->from_nfattr)
964 err = proto->from_nfattr(tb, ct); 964 err = proto->from_nfattr(tb, ct);