On Wed, Dec 05, 2018 at 08:56:29PM +0800, Yafang Shao wrote: > nf_ct_l4proto_net() may return NULL. > That may happens if some module forget to set both l4proto->get_net_proto > and l4proto->net_id. > We'd check the return value here, in case crash happens. > > Signed-off-by: Yafang Shao <laoar.shao@xxxxxxxxx> > --- > net/netfilter/nf_conntrack_proto.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c > index 154e8c0..316fef3 100644 > --- a/net/netfilter/nf_conntrack_proto.c > +++ b/net/netfilter/nf_conntrack_proto.c > @@ -946,6 +946,9 @@ int nf_conntrack_proto_pernet_init(struct net *net) > struct nf_proto_net *pn = nf_ct_l4proto_net(net, > &nf_conntrack_l4proto_generic); There is another spot missing in this file that is missing the check for NULL. We can probably simplify all this is we place the gre conntracker in the conntrack core, as it's been suggested already. It's the only one remaining as a module and it now supports for IPv6, so it's probably better follow that path.
