Commit 51df784e authored Nov 09, 2005 by Pablo Neira Ayuso Committed by David S. Miller Nov 09, 2005

[NETFILTER] ctnetlink: check if protoinfo is present



This fixes an oops triggered from userspace. If we don't pass information
about the private protocol info, the reference to attr will be NULL. This is
likely to happen in update messages.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent a2506c04

net/ipv4/netfilter/ip_conntrack_proto_tcp.c

+5 −0

Original line number	Diff line number	Diff line
		@@ -362,6 +362,11 @@ static int nfattr_to_tcp(struct nfattr cda[], struct ip_conntrack ct)
		struct nfattr *attr = cda[CTA_PROTOINFO_TCP-1];
		struct nfattr *tb[CTA_PROTOINFO_TCP_MAX];

		/* updates could not contain anything about the private
		* protocol info, in that case skip the parsing */
		if (!attr)
		return 0;

		nfattr_parse_nested(tb, CTA_PROTOINFO_TCP_MAX, attr);

		if (!tb[CTA_PROTOINFO_TCP_STATE-1])