Skip to content

Commit

Permalink
netfilter: nfnetlink: check callbacks before using those in nfnetlink…
Browse files Browse the repository at this point in the history
…_rcv_msg

nfnetlink_rcv_msg() might call a NULL callback which will cause NULL pointer
dereference.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  • Loading branch information
Tomasz Bursztyka authored and Pablo Neira Ayuso committed Jul 4, 2012
1 parent be0593c commit 59560a3
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion net/netfilter/nfnetlink.c
Original file line number Diff line number Diff line change
Expand Up @@ -184,9 +184,11 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
lockdep_is_held(&nfnl_mutex)) != ss ||
nfnetlink_find_client(type, ss) != nc)
err = -EAGAIN;
else
else if (nc->call)
err = nc->call(net->nfnl, skb, nlh,
(const struct nlattr **)cda);
else
err = -EINVAL;
nfnl_unlock();
}
if (err == -EAGAIN)
Expand Down

0 comments on commit 59560a3

Please sign in to comment.