
Commit b1732e16 authored by Jozsef Kadlecsik's avatar Jozsef Kadlecsik

netfilter: ipset: Fix error path in set_target_v3_checkentry()



Fix error path and release the references properly.

Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
parent 13c6ba1f
+21 −20
@@ -439,6 +439,7 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
{
	const struct xt_set_info_target_v3 *info = par->targinfo;
	ip_set_id_t index;
	int ret = 0;

	if (info->add_set.index != IPSET_INVALID_ID) {
		index = ip_set_nfnl_get_byindex(par->net,
@@ -456,17 +457,16 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
		if (index == IPSET_INVALID_ID) {
			pr_info_ratelimited("Cannot find del_set index %u as target\n",
					    info->del_set.index);
			if (info->add_set.index != IPSET_INVALID_ID)
				ip_set_nfnl_put(par->net,
						info->add_set.index);
			return -ENOENT;
			ret = -ENOENT;
			goto cleanup_add;
		}
	}

	if (info->map_set.index != IPSET_INVALID_ID) {
		if (strncmp(par->table, "mangle", 7)) {
			pr_info_ratelimited("--map-set only usable from mangle table\n");
			return -EINVAL;
			ret = -EINVAL;
			goto cleanup_del;
		}
		if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) |
		     (info->flags & IPSET_FLAG_MAP_SKBQUEUE)) &&
@@ -474,20 +474,16 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
					 1 << NF_INET_LOCAL_OUT |
					 1 << NF_INET_POST_ROUTING))) {
			pr_info_ratelimited("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n");
			return -EINVAL;
			ret = -EINVAL;
			goto cleanup_del;
		}
		index = ip_set_nfnl_get_byindex(par->net,
						info->map_set.index);
		if (index == IPSET_INVALID_ID) {
			pr_info_ratelimited("Cannot find map_set index %u as target\n",
					    info->map_set.index);
			if (info->add_set.index != IPSET_INVALID_ID)
				ip_set_nfnl_put(par->net,
						info->add_set.index);
			if (info->del_set.index != IPSET_INVALID_ID)
				ip_set_nfnl_put(par->net,
						info->del_set.index);
			return -ENOENT;
			ret = -ENOENT;
			goto cleanup_del;
		}
	}

@@ -495,16 +491,21 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
	    info->del_set.dim > IPSET_DIM_MAX ||
	    info->map_set.dim > IPSET_DIM_MAX) {
		pr_info_ratelimited("SET target dimension over the limit!\n");
		if (info->add_set.index != IPSET_INVALID_ID)
			ip_set_nfnl_put(par->net, info->add_set.index);
		if (info->del_set.index != IPSET_INVALID_ID)
			ip_set_nfnl_put(par->net, info->del_set.index);
		if (info->map_set.index != IPSET_INVALID_ID)
			ip_set_nfnl_put(par->net, info->map_set.index);
		return -ERANGE;
		ret = -ERANGE;
		goto cleanup_mark;
	}

	return 0;
cleanup_mark:
	if (info->map_set.index != IPSET_INVALID_ID)
		ip_set_nfnl_put(par->net, info->map_set.index);
cleanup_del:
	if (info->del_set.index != IPSET_INVALID_ID)
		ip_set_nfnl_put(par->net, info->del_set.index);
cleanup_add:
	if (info->add_set.index != IPSET_INVALID_ID)
		ip_set_nfnl_put(par->net, info->add_set.index);
	return ret;
}

static void
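Review bot: The label `cleanup_mark` in the last hunk releases the `info->map_set` reference, so its name does not say which reference it drops; `cleanup_map:` would match `cleanup_del` and `cleanup_add`. A one-line comment above the labels, such as `/* Release in reverse order of acquisition; each label falls through to the next. */`, would make the fall-through explicit, since a later edit that reorders the labels or adds a plain `return` between the lookups would bring back the reference leak this commit fixes. The table-name, hook and dimension checks appear to depend only on fields supplied with the rule, so they could presumably run before the first `ip_set_nfnl_get_byindex()` call and need no unwinding at all. The start of the function and the hook-mask condition lie outside the hunks shown, so confirm that against the full body.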