diff options
| author | David S. Miller | 2012-04-02 02:28:52 +0200 |
|---|---|---|
| committer | David S. Miller | 2012-04-02 10:33:43 +0200 |
| commit | e549a6b3a5acff66f0427091e44f814943a26a86 (patch) | |
| tree | 909c86eb9b7bc40efc0743927f92c77bb4b644fb /net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | |
| parent | ipv6: Stop using NLA_PUT*(). (diff) | |
| download | kernel-qcow2-linux-e549a6b3a5acff66f0427091e44f814943a26a86.tar.gz kernel-qcow2-linux-e549a6b3a5acff66f0427091e44f814943a26a86.tar.xz kernel-qcow2-linux-e549a6b3a5acff66f0427091e44f814943a26a86.zip | |
netfilter: ipv6: Stop using NLA_PUT*().
These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c')
| -rw-r--r-- | net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index 4111050a9fc5..fe925e492520 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c @@ -278,10 +278,11 @@ static struct nf_hook_ops ipv6_conntrack_ops[] __read_mostly = { static int ipv6_tuple_to_nlattr(struct sk_buff *skb, const struct nf_conntrack_tuple *tuple) { - NLA_PUT(skb, CTA_IP_V6_SRC, sizeof(u_int32_t) * 4, - &tuple->src.u3.ip6); - NLA_PUT(skb, CTA_IP_V6_DST, sizeof(u_int32_t) * 4, - &tuple->dst.u3.ip6); + if (nla_put(skb, CTA_IP_V6_SRC, sizeof(u_int32_t) * 4, + &tuple->src.u3.ip6) || + nla_put(skb, CTA_IP_V6_DST, sizeof(u_int32_t) * 4, + &tuple->dst.u3.ip6)) + goto nla_put_failure; return 0; nla_put_failure: |