提交 eaae4fa4 编写于 作者: Y Yasuyuki Kozakai 提交者: David S. Miller

[NETFILTER]: refcount leak of proto when ctnetlink dumping tuple

Signed-off-by: NYasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: NHarald Welte <laforge@netfilter.org>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 46998f59
...@@ -58,14 +58,17 @@ ctnetlink_dump_tuples_proto(struct sk_buff *skb, ...@@ -58,14 +58,17 @@ ctnetlink_dump_tuples_proto(struct sk_buff *skb,
const struct ip_conntrack_tuple *tuple) const struct ip_conntrack_tuple *tuple)
{ {
struct ip_conntrack_protocol *proto; struct ip_conntrack_protocol *proto;
int ret = 0;
NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
proto = ip_conntrack_proto_find_get(tuple->dst.protonum); proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
if (proto && proto->tuple_to_nfattr) if (likely(proto && proto->tuple_to_nfattr)) {
return proto->tuple_to_nfattr(skb, tuple); ret = proto->tuple_to_nfattr(skb, tuple);
ip_conntrack_proto_put(proto);
}
return 0; return ret;
nfattr_failure: nfattr_failure:
return -1; return -1;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册