diff options
author | Patrick McHardy <kaber@trash.net> | 2006-07-25 01:52:10 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2006-07-25 01:52:10 -0400 |
commit | 083edca05ab1fa6efac1ba414018f7f45a4a83ff (patch) | |
tree | d135d53781c13afb23dcfe8576e37edff2224406 /net | |
parent | b4e54de8d34afe7fcf08bfe91070d9dfeae6ed27 (diff) |
[NETFILTER]: H.323 helper: fix possible NULL-ptr dereference
An RCF message containing a timeout results in a NULL-ptr dereference if
no RRQ has been seen before.
Noticed by the "SATURN tool", reported by Thomas Dillig <tdillig@stanford.edu>
and Isil Dillig <isil@stanford.edu>.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_helper_h323.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323.c b/net/ipv4/netfilter/ip_conntrack_helper_h323.c index af35235672d5..9a39e2969712 100644 --- a/net/ipv4/netfilter/ip_conntrack_helper_h323.c +++ b/net/ipv4/netfilter/ip_conntrack_helper_h323.c | |||
@@ -1200,7 +1200,7 @@ static struct ip_conntrack_expect *find_expect(struct ip_conntrack *ct, | |||
1200 | tuple.dst.protonum = IPPROTO_TCP; | 1200 | tuple.dst.protonum = IPPROTO_TCP; |
1201 | 1201 | ||
1202 | exp = __ip_conntrack_expect_find(&tuple); | 1202 | exp = __ip_conntrack_expect_find(&tuple); |
1203 | if (exp->master == ct) | 1203 | if (exp && exp->master == ct) |
1204 | return exp; | 1204 | return exp; |
1205 | return NULL; | 1205 | return NULL; |
1206 | } | 1206 | } |