diff options
author | Alexey Dobriyan <adobriyan@gmail.com> | 2008-10-20 06:33:49 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-10-20 06:33:49 -0400 |
commit | b09eec161b0d416cac0f4758042efdf8f912ce27 (patch) | |
tree | 0ac7437951744c926eab83f44031f1585564b35b | |
parent | 311670f3ea90115f2f1840e3e9770ed71e06e6c3 (diff) |
netfilter: xt_recent: use proc_create_data()
Fixes a crash in recent_seq_start:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000100
IP: [<ffffffffa002119c>] recent_seq_start+0x4c/0x90 [xt_recent]
PGD 17d33c067 PUD 107afe067 PMD 0
Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
CPU 0
Modules linked in: ipt_LOG xt_recent af_packet iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 xt_tcpudp iptable_filter ip_tables x_tables ext2 nls_utf8 fuse sr_mod cdrom [last unloaded: ntfs]
Pid: 32373, comm: cat Not tainted 2.6.27-04ab591808565f968d4406f6435090ad671ebdab #6
RIP: 0010:[<ffffffffa002119c>] [<ffffffffa002119c>] recent_seq_start+0x4c/0x90 [xt_recent]
RSP: 0018:ffff88015fed7e28 EFLAGS: 00010246
...
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/netfilter/xt_recent.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c index 4ebd4ca9a991..280c471bcdf4 100644 --- a/net/netfilter/xt_recent.c +++ b/net/netfilter/xt_recent.c | |||
@@ -318,15 +318,15 @@ static bool recent_mt_check(const struct xt_mtchk_param *par) | |||
318 | for (i = 0; i < ip_list_hash_size; i++) | 318 | for (i = 0; i < ip_list_hash_size; i++) |
319 | INIT_LIST_HEAD(&t->iphash[i]); | 319 | INIT_LIST_HEAD(&t->iphash[i]); |
320 | #ifdef CONFIG_PROC_FS | 320 | #ifdef CONFIG_PROC_FS |
321 | t->proc = proc_create(t->name, ip_list_perms, recent_proc_dir, | 321 | t->proc = proc_create_data(t->name, ip_list_perms, recent_proc_dir, |
322 | &recent_mt_fops); | 322 | &recent_mt_fops, t); |
323 | if (t->proc == NULL) { | 323 | if (t->proc == NULL) { |
324 | kfree(t); | 324 | kfree(t); |
325 | goto out; | 325 | goto out; |
326 | } | 326 | } |
327 | #ifdef CONFIG_NETFILTER_XT_MATCH_RECENT_PROC_COMPAT | 327 | #ifdef CONFIG_NETFILTER_XT_MATCH_RECENT_PROC_COMPAT |
328 | t->proc_old = proc_create(t->name, ip_list_perms, proc_old_dir, | 328 | t->proc_old = proc_create_data(t->name, ip_list_perms, proc_old_dir, |
329 | &recent_old_fops); | 329 | &recent_old_fops, t); |
330 | if (t->proc_old == NULL) { | 330 | if (t->proc_old == NULL) { |
331 | remove_proc_entry(t->name, proc_old_dir); | 331 | remove_proc_entry(t->name, proc_old_dir); |
332 | kfree(t); | 332 | kfree(t); |
@@ -334,11 +334,9 @@ static bool recent_mt_check(const struct xt_mtchk_param *par) | |||
334 | } | 334 | } |
335 | t->proc_old->uid = ip_list_uid; | 335 | t->proc_old->uid = ip_list_uid; |
336 | t->proc_old->gid = ip_list_gid; | 336 | t->proc_old->gid = ip_list_gid; |
337 | t->proc_old->data = t; | ||
338 | #endif | 337 | #endif |
339 | t->proc->uid = ip_list_uid; | 338 | t->proc->uid = ip_list_uid; |
340 | t->proc->gid = ip_list_gid; | 339 | t->proc->gid = ip_list_gid; |
341 | t->proc->data = t; | ||
342 | #endif | 340 | #endif |
343 | spin_lock_bh(&recent_lock); | 341 | spin_lock_bh(&recent_lock); |
344 | list_add_tail(&t->list, &tables); | 342 | list_add_tail(&t->list, &tables); |