diff options
| author | Reshetova, Elena | 2017-03-16 09:03:34 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2017-03-17 12:49:43 +0100 |
| commit | b54ab92b84b6161f91b1ad9160199422b3699009 (patch) | |
| tree | f51f7300565a7d11414da624a9e65afa21e84221 /net/netfilter/nf_conntrack_netlink.c | |
| parent | ipvs: Document sysctl pmtu_disc (diff) | |
| download | kernel-qcow2-linux-b54ab92b84b6161f91b1ad9160199422b3699009.tar.gz kernel-qcow2-linux-b54ab92b84b6161f91b1ad9160199422b3699009.tar.xz kernel-qcow2-linux-b54ab92b84b6161f91b1ad9160199422b3699009.zip | |
netfilter: refcounter conversions
refcount_t type and corresponding API (see include/linux/refcount.h)
should be used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Hans Liljestrand <ishkamiel@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Windsor <dwindsor@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_conntrack_netlink.c')
| -rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 6806b5e73567..d49cc1e03c5b 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -2693,7 +2693,7 @@ restart: cb->nlh->nlmsg_seq, IPCTNL_MSG_EXP_NEW, exp) < 0) { - if (!atomic_inc_not_zero(&exp->use)) + if (!refcount_inc_not_zero(&exp->use)) continue; cb->args[1] = (unsigned long)exp; goto out; @@ -2739,7 +2739,7 @@ restart: cb->nlh->nlmsg_seq, IPCTNL_MSG_EXP_NEW, exp) < 0) { - if (!atomic_inc_not_zero(&exp->use)) + if (!refcount_inc_not_zero(&exp->use)) continue; cb->args[1] = (unsigned long)exp; goto out; |