Commit 88aa0429 authored by Pablo Neira, committed by David S. Miller
[NETFILTER]: conntrack_netlink: Fix locking during conntrack_create



The current codepath allowed for ip_conntrack_lock to be unlock'ed twice.

Signed-off-by: Pablo Neira <pablo@eurodev.net>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
parent 94cd2b67
+7 −6
@@ -1052,14 +1052,15 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
		err = -ENOENT;
		if (nlh->nlmsg_flags & NLM_F_CREATE)
			err = ctnetlink_create_conntrack(cda, &otuple, &rtuple);
		goto out_unlock;
	} else {
		return err;
	}
	/* implicit 'else' */

	/* we only allow nat config for new conntracks */
	if (cda[CTA_NAT-1]) {
		err = -EINVAL;
		goto out_unlock;
	}
	}

	/* We manipulate the conntrack inside the global conntrack table lock,
	 * so there's no need to increase the refcount */
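
Review bot: the `return err;` after the `ctnetlink_create_conntrack()` call leaves the function without passing through `out_unlock`, while the `CTA_NAT` check just below still exits via `goto out_unlock`, so the two exits assume different lock states and nothing at the return says which one applies. The hunk does not show where ip_conntrack_lock is released on the create path; a one-line comment at the return stating that the lock has already been dropped there would make the asymmetry explicit and guard against a later cleanup turning it back into `goto out_unlock`, which would reintroduce the double unlock the commit message describes. The `/* implicit 'else' */` comment would be more useful if it stated the invariant from that point on (an existing conntrack was found and the table lock is still held), which is what the following "inside the global conntrack table lock" comment relies on.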