• C
    net_sched: fix a NULL pointer deref in ipt action · 981471bd
    Cong Wang 提交于
    The net pointer in struct xt_tgdtor_param is not explicitly
    initialized therefore is still NULL when dereferencing it.
    So we have to find a way to pass the correct net pointer to
    ipt_destroy_target().
    
    The best way I find is just saving the net pointer inside the per
    netns struct tcf_idrinfo, which could make this patch smaller.
    
    Fixes: 0c66dc1e ("netfilter: conntrack: register hooks in netns when needed by ruleset")
    Reported-and-tested-by: itugrok@yahoo.com
    Cc: Jamal Hadi Salim <jhs@mojatatu.com>
    Cc: Jiri Pirko <jiri@resnulli.us>
    Signed-off-by: NCong Wang <xiyou.wangcong@gmail.com>
    Signed-off-by: NDavid S. Miller <davem@davemloft.net>
    981471bd
act_police.c 10.3 KB