On 2021-03-31 22:46, Pablo Neira Ayuso wrote:
> On Fri, Mar 26, 2021 at 01:38:59PM -0400, Richard Guy Briggs wrote:
> > @@ -8006,12 +7966,65 @@ static void nft_commit_notify(struct net *net, u32 portid)
> > WARN_ON_ONCE(!list_empty(&net->nft.notify_list));
> > }
> >
> > +static int nf_tables_commit_audit_alloc(struct list_head *adl,
> > + struct nft_table *table)
> > +{
> > + struct nft_audit_data *adp;
> > +
> > + list_for_each_entry(adp, adl, list) {
> > + if (adp->table == table)
> > + return 0;
> > + }
> > + adp = kzalloc(sizeof(*adp), GFP_KERNEL);
> > + if (!adp)
> > + return -ENOMEM;
> > + adp->table = table;
> > + INIT_LIST_HEAD(&adp->list);
>
> This INIT_LIST_HEAD is not required for an object that is going to be
> inserted into the 'adl' list.
>
> > + list_add(&adp->list, adl);
>
> If no objections, I'll amend this patch. I'll include the UAF fix and
> remove this unnecessary INIT_LIST_HEAD.
Ok, so it is harmless other than being code noise and overhead, thanks again.
- RGB
--
Richard Guy Briggs <rgb@xxxxxxxxxx>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635
