Hi,
Static analysis with Coverity on linux-next has found a potential issue
with the following commit:
commit 857b46027d6f91150797295752581b7155b9d0e1
Author: Stéphane Veyret <sveyret@xxxxxxxxx>
Date: Sat May 25 15:30:58 2019 +0200
netfilter: nft_ct: add ct expectations support
Specifically in function nft_ct_expect_obj_eval)() in the following code:
+ help = nfct_help(ct);
+ if (!help)
+ help = nf_ct_helper_ext_add(ct, GFP_ATOMIC);
+
+ if (help->expecting[NF_CT_EXPECT_CLASS_DEFAULT] >= priv->size) {
+ regs->verdict.code = NFT_BREAK;
+ return;
+ }
The call to nf_ct_helper_ext_add can potentially return NULL, however,
this is not being checked and pointer 'help' is being dereferenced even
though it potentially can be null.
Colin
