Hello, On Wed, 25 Apr 2012, Hans Schillstrom wrote: > ip_vs_create_timeout_table() can return NULL > All functions protocol init_netns is affected of this patch. > > Signed-off-by: Hans Schillstrom <hans.schillstrom@xxxxxxxxxxxx> > --- > diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c > index 6a8d176..0b74795 100644 > --- a/net/netfilter/ipvs/ip_vs_proto.c > +++ b/net/netfilter/ipvs/ip_vs_proto.c > @@ -79,7 +79,7 @@ register_ip_vs_proto_netns(struct net *net, struct ip_vs_protocol *pp) > atomic_set(&pd->appcnt, 0); /* Init app counter */ > > if (pp->init_netns != NULL) > - pp->init_netns(net, pd); > + return pp->init_netns(net, pd); May be it is better to unlink and free the pd here if init_netns fails. Currently, protocols attach only allocated pointer (pd->timeout_table) and it is not a big problem to call exit_netns on failure but lets do it safely, every init handler should release its data on failure and then we should not call exit_netns. Patch 1 looks ok and I'll ack it next time. Regards -- Julian Anastasov <ja@xxxxxx> -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
