Dong Chenchen <dongchenchen2@xxxxxxxxxx> wrote:
> net/netfilter/x_tables.c | 8 +++++---
> 1 file changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
> index da5d929c7c85..359c880ecb07 100644
> --- a/net/netfilter/x_tables.c
> +++ b/net/netfilter/x_tables.c
> @@ -1239,6 +1239,7 @@ struct xt_table *xt_find_table_lock(struct net *net, u_int8_t af,
> struct module *owner = NULL;
> struct xt_template *tmpl;
> struct xt_table *t;
> + int err = -ENOENT;
>
> mutex_lock(&xt[af].mutex);
> list_for_each_entry(t, &xt_net->tables[af], list)
> @@ -1247,8 +1248,6 @@ struct xt_table *xt_find_table_lock(struct net *net, u_int8_t af,
>
> /* Table doesn't exist in this netns, check larval list */
> list_for_each_entry(tmpl, &xt_templates[af], list) {
> - int err;
> -
> if (strcmp(tmpl->name, name))
> continue;
> if (!try_module_get(tmpl->me))
> @@ -1267,6 +1266,9 @@ struct xt_table *xt_find_table_lock(struct net *net, u_int8_t af,
> break;
> }
>
> + if (err < 0)
> + goto out;
> +
> /* and once again: */
> list_for_each_entry(t, &xt_net->tables[af], list)
> if (strcmp(t->name, name) == 0)
Proabably also:
- if (strcmp(t->name, name) == 0)
+ if (strcmp(t->name, name) == 0 && owner == t->me)
