diff options
author | Harald Welte <laforge@netfilter.org> | 2005-11-03 14:17:51 -0500 |
---|---|---|
committer | Arnaldo Carvalho de Melo <acme@mandriva.com> | 2005-11-04 22:23:34 -0500 |
commit | d2a7bb7141a1fac7b11523538b2d2407e928baeb (patch) | |
tree | 67fdabbfbdc0b53154a4f6aa1a33c383db02bfb2 | |
parent | d811552eda2476215d69d485e437d2dcae1ab0b4 (diff) |
[NETFILTER] NAT: Fix module refcount dropping too far
The unknown protocol is used as a fallback when a protocol isn't known.
Hence we cannot handle it failing, so don't set ".me". It's OK, since we
only grab a reference from within the same module (iptable_nat.ko), so we
never take the module refcount from 0 to 1.
Also, remove the "protocol is NULL" test: it's never NULL.
Signed-off-by: Rusty Rusty <rusty@rustcorp.com.au>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
-rw-r--r-- | net/ipv4/netfilter/ip_nat_core.c | 6 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_nat_proto_unknown.c | 2 |
2 files changed, 3 insertions, 5 deletions
diff --git a/net/ipv4/netfilter/ip_nat_core.c b/net/ipv4/netfilter/ip_nat_core.c index c5e3abd24672..762f4d93936b 100644 --- a/net/ipv4/netfilter/ip_nat_core.c +++ b/net/ipv4/netfilter/ip_nat_core.c | |||
@@ -66,10 +66,8 @@ ip_nat_proto_find_get(u_int8_t protonum) | |||
66 | * removed until we've grabbed the reference */ | 66 | * removed until we've grabbed the reference */ |
67 | preempt_disable(); | 67 | preempt_disable(); |
68 | p = __ip_nat_proto_find(protonum); | 68 | p = __ip_nat_proto_find(protonum); |
69 | if (p) { | 69 | if (!try_module_get(p->me)) |
70 | if (!try_module_get(p->me)) | 70 | p = &ip_nat_unknown_protocol; |
71 | p = &ip_nat_unknown_protocol; | ||
72 | } | ||
73 | preempt_enable(); | 71 | preempt_enable(); |
74 | 72 | ||
75 | return p; | 73 | return p; |
diff --git a/net/ipv4/netfilter/ip_nat_proto_unknown.c b/net/ipv4/netfilter/ip_nat_proto_unknown.c index 99bbef56f84e..f0099a646a0b 100644 --- a/net/ipv4/netfilter/ip_nat_proto_unknown.c +++ b/net/ipv4/netfilter/ip_nat_proto_unknown.c | |||
@@ -62,7 +62,7 @@ unknown_print_range(char *buffer, const struct ip_nat_range *range) | |||
62 | 62 | ||
63 | struct ip_nat_protocol ip_nat_unknown_protocol = { | 63 | struct ip_nat_protocol ip_nat_unknown_protocol = { |
64 | .name = "unknown", | 64 | .name = "unknown", |
65 | .me = THIS_MODULE, | 65 | /* .me isn't set: getting a ref to this cannot fail. */ |
66 | .manip_pkt = unknown_manip_pkt, | 66 | .manip_pkt = unknown_manip_pkt, |
67 | .in_range = unknown_in_range, | 67 | .in_range = unknown_in_range, |
68 | .unique_tuple = unknown_unique_tuple, | 68 | .unique_tuple = unknown_unique_tuple, |