aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/net/netfilter/nf_conntrack_core.h3
-rw-r--r--net/ipv6/netfilter/nf_conntrack_reasm.c8
-rw-r--r--net/netfilter/nf_conntrack_core.c2
-rw-r--r--net/netfilter/nf_conntrack_netlink.c1
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c4
5 files changed, 10 insertions, 8 deletions
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index c25068e38516..5a449b44ba33 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -62,7 +62,8 @@ static inline int nf_conntrack_confirm(struct sk_buff *skb)
62 if (ct && ct != &nf_conntrack_untracked) { 62 if (ct && ct != &nf_conntrack_untracked) {
63 if (!nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct)) 63 if (!nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct))
64 ret = __nf_conntrack_confirm(skb); 64 ret = __nf_conntrack_confirm(skb);
65 nf_ct_deliver_cached_events(ct); 65 if (likely(ret == NF_ACCEPT))
66 nf_ct_deliver_cached_events(ct);
66 } 67 }
67 return ret; 68 return ret;
68} 69}
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index ed4d79a9e4a6..058a5e4a60c3 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -528,14 +528,14 @@ find_prev_fhdr(struct sk_buff *skb, u8 *prevhdrp, int *prevhoff, int *fhoff)
528 if (!ipv6_ext_hdr(nexthdr)) { 528 if (!ipv6_ext_hdr(nexthdr)) {
529 return -1; 529 return -1;
530 } 530 }
531 if (len < (int)sizeof(struct ipv6_opt_hdr)) {
532 pr_debug("too short\n");
533 return -1;
534 }
535 if (nexthdr == NEXTHDR_NONE) { 531 if (nexthdr == NEXTHDR_NONE) {
536 pr_debug("next header is none\n"); 532 pr_debug("next header is none\n");
537 return -1; 533 return -1;
538 } 534 }
535 if (len < (int)sizeof(struct ipv6_opt_hdr)) {
536 pr_debug("too short\n");
537 return -1;
538 }
539 if (skb_copy_bits(skb, start, &hdr, sizeof(hdr))) 539 if (skb_copy_bits(skb, start, &hdr, sizeof(hdr)))
540 BUG(); 540 BUG();
541 if (nexthdr == NEXTHDR_AUTH) 541 if (nexthdr == NEXTHDR_AUTH)
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 90ce9ddb9451..f4935e344b61 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -726,7 +726,7 @@ nf_conntrack_in(struct net *net, u_int8_t pf, unsigned int hooknum,
726 NF_CT_ASSERT(skb->nfct); 726 NF_CT_ASSERT(skb->nfct);
727 727
728 ret = l4proto->packet(ct, skb, dataoff, ctinfo, pf, hooknum); 728 ret = l4proto->packet(ct, skb, dataoff, ctinfo, pf, hooknum);
729 if (ret < 0) { 729 if (ret <= 0) {
730 /* Invalid: inverse of the return code tells 730 /* Invalid: inverse of the return code tells
731 * the netfilter core what to do */ 731 * the netfilter core what to do */
732 pr_debug("nf_conntrack_in: Can't track with proto module\n"); 732 pr_debug("nf_conntrack_in: Can't track with proto module\n");
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index cb78aa00399e..ed6d873ad384 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1780,6 +1780,7 @@ ctnetlink_create_expect(struct nlattr *cda[], u_int8_t u3, u32 pid, int report)
1780 goto out; 1780 goto out;
1781 } 1781 }
1782 1782
1783 exp->class = 0;
1783 exp->expectfn = NULL; 1784 exp->expectfn = NULL;
1784 exp->flags = 0; 1785 exp->flags = 0;
1785 exp->master = ct; 1786 exp->master = ct;
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index a1edb9c1adee..f3fd154d1ddd 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -859,7 +859,7 @@ static int tcp_packet(struct nf_conn *ct,
859 */ 859 */
860 if (nf_ct_kill(ct)) 860 if (nf_ct_kill(ct))
861 return -NF_REPEAT; 861 return -NF_REPEAT;
862 return -NF_DROP; 862 return NF_DROP;
863 } 863 }
864 /* Fall through */ 864 /* Fall through */
865 case TCP_CONNTRACK_IGNORE: 865 case TCP_CONNTRACK_IGNORE:
@@ -892,7 +892,7 @@ static int tcp_packet(struct nf_conn *ct,
892 nf_log_packet(pf, 0, skb, NULL, NULL, NULL, 892 nf_log_packet(pf, 0, skb, NULL, NULL, NULL,
893 "nf_ct_tcp: killing out of sync session "); 893 "nf_ct_tcp: killing out of sync session ");
894 nf_ct_kill(ct); 894 nf_ct_kill(ct);
895 return -NF_DROP; 895 return NF_DROP;
896 } 896 }
897 ct->proto.tcp.last_index = index; 897 ct->proto.tcp.last_index = index;
898 ct->proto.tcp.last_dir = dir; 898 ct->proto.tcp.last_dir = dir;