On Wed, Jan 12, 2022 at 09:26:57AM +0300, Dan Carpenter wrote:
> On Tue, Jan 11, 2022 at 10:33:41AM +0100, Pablo Neira Ayuso wrote:
> > On Tue, Jan 11, 2022 at 10:45:05AM +0300, Dan Carpenter wrote:
> > > On Tue, Jan 11, 2022 at 10:21:15AM +0300, Dan Carpenter wrote:
> > > > These NULL checks are reversed so the clone() can never succeed.
> > > >
> > > > Fixes: 37f319f37d90 ("netfilter: nft_connlimit: move stateful fields out of expression data")
> > > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> > > > ---
> > > > v2: fix a couple similar bugs
> > >
> > > Gar. Nope. Missed one still.
> >
> > Already fixed in net-next
>
> Maybe I misunderstood. Are all four functions fixed?
>
> I'm looking at net-next and nft_connlimit_clone() is still broken.
Sorry, patch in the net tree:
commit 51edb2ff1c6fc27d3fa73f0773a31597ecd8e230
Author: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Date: Mon Jan 10 20:48:17 2022 +0100
netfilter: nf_tables: typo NULL check in _clone() function
net-next is out of sync at this stage, until merge window reopens it
might stay like this.
