diff options
author | Florian Westphal <fw@strlen.de> | 2018-06-11 22:22:19 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-06-12 19:31:07 +0200 |
commit | c05a45c0865d986a8aea373cd5297dbfded6882e (patch) | |
tree | 106b985b3dc7d29d872bef4436116838b88cc166 | |
parent | adc972c5b88829d38ede08b1069718661c7330ae (diff) | |
download | op-kernel-dev-c05a45c0865d986a8aea373cd5297dbfded6882e.zip op-kernel-dev-c05a45c0865d986a8aea373cd5297dbfded6882e.tar.gz |
netfilter: ctnetlink: avoid null pointer dereference
Dan Carpenter points out that deref occurs after NULL check, we should
re-fetch the pointer and check that instead.
Fixes: 2c205dd3981f7 ("netfilter: add struct nf_nat_hook and use it")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 39327a4..20a2e37 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -1446,7 +1446,8 @@ ctnetlink_parse_nat_setup(struct nf_conn *ct, } nfnl_lock(NFNL_SUBSYS_CTNETLINK); rcu_read_lock(); - if (nat_hook->parse_nat_setup) + nat_hook = rcu_dereference(nf_nat_hook); + if (nat_hook) return -EAGAIN; #endif return -EOPNOTSUPP; |