[NETFILTER]: conntrack: fix refcount leak when finding expectation (2e47c264) · Commits · e / devices / android_kernel_teracube_2e

net/ipv4/netfilter/ip_conntrack_core.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -225,11 +225,9 @@ __ip_conntrack_expect_find(const struct ip_conntrack_tuple *tuple)
		struct ip_conntrack_expect *i;

		list_for_each_entry(i, &ip_conntrack_expect_list, list) {
		if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)) {
		atomic_inc(&i->use);
		if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask))
		return i;
		}
		}
		return NULL;
		}

		@@ -241,6 +239,8 @@ ip_conntrack_expect_find(const struct ip_conntrack_tuple *tuple)

		read_lock_bh(&ip_conntrack_lock);
		i = __ip_conntrack_expect_find(tuple);
		if (i)
		atomic_inc(&i->use);
		read_unlock_bh(&ip_conntrack_lock);

		return i;

+3 −3

Original line number	Diff line number	Diff line
		@@ -469,11 +469,9 @@ __nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple)
		struct nf_conntrack_expect *i;

		list_for_each_entry(i, &nf_conntrack_expect_list, list) {
		if (nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)) {
		atomic_inc(&i->use);
		if (nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask))
		return i;
		}
		}
		return NULL;
		}

		@@ -485,6 +483,8 @@ nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple)

		read_lock_bh(&nf_conntrack_lock);
		i = __nf_conntrack_expect_find(tuple);
		if (i)
		atomic_inc(&i->use);
		read_unlock_bh(&nf_conntrack_lock);

		return i;