Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 75820676 authored by Patrick McHardy's avatar Patrick McHardy Committed by Pablo Neira Ayuso
Browse files

netfilter: nf_tables: fix check for table overflow 



The table use counter is only increased for new chains, so move the check
to the correct position.

Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 4401a862

net/netfilter/nf_tables_api.c

+3 −3
Original line number Diff line number Diff line
@@ -834,9 +834,6 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb, 
	if (IS_ERR(table))

		return PTR_ERR(table);



	if (table->use == UINT_MAX)

		return -EOVERFLOW;



	chain = NULL;

	name = nla[NFTA_CHAIN_NAME];
@@ -899,6 +896,9 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb, 
		goto notify;

	}



	if (table->use == UINT_MAX)

		return -EOVERFLOW;



	if (nla[NFTA_CHAIN_HOOK]) {

		struct nf_hook_ops *ops;

		nf_hookfn *hookfn;