On Tue, Jan 11, 2022 at 10:33:41AM +0100, Pablo Neira Ayuso wrote:
> On Tue, Jan 11, 2022 at 10:45:05AM +0300, Dan Carpenter wrote:
> > On Tue, Jan 11, 2022 at 10:21:15AM +0300, Dan Carpenter wrote:
> > > These NULL checks are reversed so the clone() can never succeed.
> > >
> > > Fixes: 37f319f37d90 ("netfilter: nft_connlimit: move stateful fields out of expression data")
> > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> > > ---
> > > v2: fix a couple similar bugs
> >
> > Gar. Nope. Missed one still.
>
> Already fixed in net-next
Maybe I misunderstood. Are all four functions fixed?
I'm looking at net-next and nft_connlimit_clone() is still broken.
regards,
dan carpenter
