diff options
author | Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> | 2005-11-09 15:58:46 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-11-09 15:58:46 -0500 |
commit | eaae4fa45e0f4cd1da0f00ae93551edb1002b2b9 (patch) | |
tree | 60834444b32069e871f8480464946b9fb62ccd71 /net/ipv4 | |
parent | 46998f59c03ecbd7c2250810f35af6fe24868845 (diff) |
[NETFILTER]: refcount leak of proto when ctnetlink dumping tuple
Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index 431a446994f6..02f303cf201e 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c | |||
@@ -58,14 +58,17 @@ ctnetlink_dump_tuples_proto(struct sk_buff *skb, | |||
58 | const struct ip_conntrack_tuple *tuple) | 58 | const struct ip_conntrack_tuple *tuple) |
59 | { | 59 | { |
60 | struct ip_conntrack_protocol *proto; | 60 | struct ip_conntrack_protocol *proto; |
61 | int ret = 0; | ||
61 | 62 | ||
62 | NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); | 63 | NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); |
63 | 64 | ||
64 | proto = ip_conntrack_proto_find_get(tuple->dst.protonum); | 65 | proto = ip_conntrack_proto_find_get(tuple->dst.protonum); |
65 | if (proto && proto->tuple_to_nfattr) | 66 | if (likely(proto && proto->tuple_to_nfattr)) { |
66 | return proto->tuple_to_nfattr(skb, tuple); | 67 | ret = proto->tuple_to_nfattr(skb, tuple); |
68 | ip_conntrack_proto_put(proto); | ||
69 | } | ||
67 | 70 | ||
68 | return 0; | 71 | return ret; |
69 | 72 | ||
70 | nfattr_failure: | 73 | nfattr_failure: |
71 | return -1; | 74 | return -1; |