[NETFILTER]: nf_queue: handle NF_STOP and unknown verdicts in nf_reinject

In case of an unknown verdict or NF_STOP the packet leaks. Unknown verdicts
can happen when userspace is buggy. Reinject the packet in case of NF_STOP,
drop on unknown verdicts.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Patrick McHardy authored and David S. Miller committed Jul 25, 2006
1 parent 083edca commit 3bc3871
Showing 1 changed file with 4 additions and 5 deletions.
9 changes: 4 additions & 5 deletions net/netfilter/nf_queue.c
Expand Up @@ -219,21 +219,20 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info,

switch (verdict & NF_VERDICT_MASK) {
case NF_ACCEPT:
case NF_STOP:
info->okfn(skb);
case NF_STOLEN:
break;

case NF_QUEUE:
if (!nf_queue(&skb, elem, info->pf, info->hook,
info->indev, info->outdev, info->okfn,
verdict >> NF_VERDICT_BITS))
goto next_hook;
break;
default:
kfree_skb(skb);
}
rcu_read_unlock();

if (verdict == NF_DROP)
kfree_skb(skb);

kfree(info);
return;
}
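
Review bot: the `default:` arm of the switch frees the skb without leaving any trace, so a buggy userspace verdict (the case the commit message names) shows up only as packet loss. Consider a rate-limited warning there that prints the verdict value, and, if NF_DROP is also meant to land in `default:` since it is not listed as a case, an explicit `case NF_DROP:` would make that intent visible. The fall-through from `info->okfn(skb);` into `case NF_STOLEN:` would also benefit from a `/* fall through */` comment.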