diff options
| author | Gao Feng | 2016-09-13 02:49:18 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2016-09-13 10:50:56 +0200 |
| commit | 4440a2ab3b9f40dddbe006331ef0659c76859296 (patch) | |
| tree | 0fd1a6441ee46cc957ec089b158af8ca0efa90f8 /net/netfilter/nf_nat_core.c | |
| parent | netfilter: nf_nat: handle NF_DROP from nfnetlink_parse_nat_setup() (diff) | |
| download | kernel-qcow2-linux-4440a2ab3b9f40dddbe006331ef0659c76859296.tar.gz kernel-qcow2-linux-4440a2ab3b9f40dddbe006331ef0659c76859296.tar.xz kernel-qcow2-linux-4440a2ab3b9f40dddbe006331ef0659c76859296.zip | |
netfilter: synproxy: Check oom when adding synproxy and seqadj ct extensions
When memory is exhausted, nfct_seqadj_ext_add may fail to add the
synproxy and seqadj extensions. The function nf_ct_seqadj_init doesn't
check if get valid seqadj pointer by the nfct_seqadj.
Now drop the packet directly when fail to add seqadj extension to
avoid dereference NULL pointer in nf_ct_seqadj_init from
init_conntrack().
Signed-off-by: Gao Feng <fgao@ikuai8.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_nat_core.c')
| -rw-r--r-- | net/netfilter/nf_nat_core.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c index 19c081e1b328..ecee105bbada 100644 --- a/net/netfilter/nf_nat_core.c +++ b/net/netfilter/nf_nat_core.c @@ -441,7 +441,8 @@ nf_nat_setup_info(struct nf_conn *ct, ct->status |= IPS_DST_NAT; if (nfct_help(ct)) - nfct_seqadj_ext_add(ct); + if (!nfct_seqadj_ext_add(ct)) + return NF_DROP; } if (maniptype == NF_NAT_MANIP_SRC) { |