mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2024-06-15 11:43:54 +02:00
e39414ed07
Refreshed all patches Dropped upstreamed patches: 522-PCI-aardvark-fix-logic-in-PCI-configuration-read-write-functions.patch 523-PCI-aardvark-set-PIO_ADDR_LS-correctly-in-advk_pcie_rd_conf.patch 525-PCI-aardvark-use-isr1-instead-of-isr0-interrupt-in-legacy-irq-mode.patch 527-PCI-aardvark-fix-PCIe-max-read-request-size-setting.patch updated patches: 524-PCI-aardvark-set-host-and-device-to-the-same-MAX-payload-size.patch 030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch Added new ARM64 symbol: CONFIG_ARM64_ERRATUM_1024718 Compile-tested on: cns3xxx, imx6, mvebu (arm64), x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
31 lines
892 B
Diff
31 lines
892 B
Diff
From: Hangbin Liu <liuhangbin@gmail.com>
|
|
Date: Mon, 25 Dec 2017 11:34:54 +0800
|
|
Subject: [PATCH] netfilter: nf_tables: fix potential NULL-ptr deref in
|
|
nf_tables_dump_obj_done()
|
|
|
|
If there is no NFTA_OBJ_TABLE and NFTA_OBJ_TYPE, the c.data will be NULL in
|
|
nf_tables_getobj(). So before free filter->table in nf_tables_dump_obj_done(),
|
|
we need to check if filter is NULL first.
|
|
|
|
Fixes: e46abbcc05aa ("netfilter: nf_tables: Allow table names of up to 255 chars")
|
|
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
|
Acked-by: Phil Sutter <phil@nwl.cc>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
---
|
|
|
|
--- a/net/netfilter/nf_tables_api.c
|
|
+++ b/net/netfilter/nf_tables_api.c
|
|
@@ -5269,8 +5269,10 @@ static int nf_tables_dump_flowtable_done
|
|
if (!filter)
|
|
return 0;
|
|
|
|
- kfree(filter->table);
|
|
- kfree(filter);
|
|
+ if (filter) {
|
|
+ kfree(filter->table);
|
|
+ kfree(filter);
|
|
+ }
|
|
|
|
return 0;
|
|
}
|