Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 23aaba5a authored by Liping Zhang's avatar Liping Zhang Committed by Pablo Neira Ayuso
Browse files

netfilter: cttimeout: put back l4proto when replacing timeout policy 



We forget to call nf_ct_l4proto_put when replacing the existing
timeout policy. Acctually, there's no need to get ct l4proto
before doing replace, so we can move it to a later position.

Signed-off-by: default avatarLiping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 93fac10b

net/netfilter/nfnetlink_cttimeout.c

+15 −18
Original line number Diff line number Diff line
@@ -98,31 +98,28 @@ static int cttimeout_new_timeout(struct net *net, struct sock *ctnl, 
		break;

	}



	l4proto = nf_ct_l4proto_find_get(l3num, l4num);



	/* This protocol is not supportted, skip. */

	if (l4proto->l4proto != l4num) {

		ret = -EOPNOTSUPP;

		goto err_proto_put;

	}



	if (matching) {

		if (nlh->nlmsg_flags & NLM_F_REPLACE) {

			/* You cannot replace one timeout policy by another of

			 * different kind, sorry.

			 */

			if (matching->l3num != l3num ||

			    matching->l4proto->l4proto != l4num) {

				ret = -EINVAL;

				goto err_proto_put;

			}

			    matching->l4proto->l4proto != l4num)

				return -EINVAL;



			ret = ctnl_timeout_parse_policy(&matching->data,

							l4proto, net,

			return ctnl_timeout_parse_policy(&matching->data,

							 matching->l4proto, net,

							 cda[CTA_TIMEOUT_DATA]);

			return ret;

		}

		ret = -EBUSY;



		return -EBUSY;

	}



	l4proto = nf_ct_l4proto_find_get(l3num, l4num);



	/* This protocol is not supportted, skip. */

	if (l4proto->l4proto != l4num) {

		ret = -EOPNOTSUPP;

		goto err_proto_put;

	}