iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: nf_tables: fix unexpected EOPNOTSUPP error

Browse Source 
If the object type doesn't implement an update operation and the user tries to
update it will silently ignore the update operation.

Fixes: aa4095a156b5 ("netfilter: nf_tables: fix possible null-pointer dereference in object update")
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Fernando Fernandez Mancera 2019-11-02 21:59:44 +01:00 committed by Pablo Neira Ayuso
parent 250367c59e
commit 9fedd894b4
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
net/netfilter/nf_tables_api.c
View File

@ -5143,9 +5143,6 @@ static int nf_tables_updobj(const struct nft_ctx *ctx,
struct nft_trans *trans; struct nft_trans *trans;
int err; int err;
if (!obj->ops->update)
return -EOPNOTSUPP;
trans = nft_trans_alloc(ctx, NFT_MSG_NEWOBJ, trans = nft_trans_alloc(ctx, NFT_MSG_NEWOBJ,
sizeof(struct nft_trans_obj)); sizeof(struct nft_trans_obj));
if (!trans) if (!trans)
@ -6499,7 +6496,8 @@ static void nft_obj_commit_update(struct nft_trans *trans)
obj = nft_trans_obj(trans); obj = nft_trans_obj(trans);
newobj = nft_trans_obj_newobj(trans); newobj = nft_trans_obj_newobj(trans);
obj->ops->update(obj, newobj); if (obj->ops->update)
obj->ops->update(obj, newobj);
kfree(newobj); kfree(newobj);
} }