On Thu, Apr 06, 2017 at 07:19:34PM +0800, gfree.wind@xxxxxxxxxxx wrote:
> From: Gao Feng <fgao@xxxxxxxxxx>
>
> When nf_ct_timeout_ext_add failed in xt_ct_set_timeout, it should
> free the timeout refcnt.
>
> Now goto the err_put_timeout error handler instead of going ahead.
>
> Signed-off-by: Gao Feng <fgao@xxxxxxxxxx>
> ---
> v2: Keep the ret = -ENOMEM, per Gao Feng
> v1: initial version
>
> net/netfilter/xt_CT.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
> index b008db0..a1783b6 100644
> --- a/net/netfilter/xt_CT.c
> +++ b/net/netfilter/xt_CT.c
> @@ -167,8 +167,10 @@ static void __xt_ct_tg_timeout_put(struct ctnl_timeout *timeout)
> goto err_put_timeout;
> }
> timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC);
> - if (timeout_ext == NULL)
> + if (!timeout_ext) {
> ret = -ENOMEM;
> + goto err_put_timeout;
> + }
This also needs to be fixed, just a few line after this:
timeout_ext = nf_ct_timeout_ext_add(ct, timeout, GFP_ATOMIC);
if (timeout_ext == NULL)
ret = -ENOMEM;
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
