netfilter: nfnetlink: check callbacks before using those in nfnetlink_rcv_msg

nfnetlink_rcv_msg() might call a NULL callback which will cause NULL pointer dereference. Signed-off-by: N Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: nfnetlink: check callbacks before using those in nfnetlink_rcv_msg
nfnetlink_rcv_msg() might call a NULL callback which will cause NULL pointer dereference. Signed-off-by: N Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org>
59560a38 · Tomasz Bursztyka · Pablo Neira Ayuso · be0593c6 · 59560a38
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

net/netfilter/nfnetlink.c net/netfilter/nfnetlink.c +3 -1

未找到文件。
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -184,9 +184,11 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 					lockdep_is_held(&nfnl_mutex)) != ss ||
 			    nfnetlink_find_client(type, ss) != nc)
 				err = -EAGAIN;
-			else
+			else if (nc->call)
 				err = nc->call(net->nfnl, skb, nlh,
 						   (const struct nlattr **)cda);
+			else
+				err = -EINVAL;
 			nfnl_unlock();
 		}
 		if (err == -EAGAIN)