[ulogd2] NFCT: fix NULL dereference when hashtable is full
Pablo Neira
netfilter-cvslog-bounces at lists.netfilter.org
Tue Jun 23 19:19:55 CEST 2009
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=ulogd2.git;a=commit;h=e664524e05ad555cfb0e7851a7cfeb573fcc27b5
commit e664524e05ad555cfb0e7851a7cfeb573fcc27b5
Author: Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Tue Jun 23 17:38:18 2009 +0200
Commit: Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Tue Jun 23 17:38:18 2009 +0200
NFCT: fix NULL dereference when hashtable is full
This patch fixes a NULL dereference to the timestamp structure when
hashtable_add() fails, for example, because the hashtable is full.
Reported-by: Bernhard Schmidt <berni at birkenwald.de>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
via e664524e05ad555cfb0e7851a7cfeb573fcc27b5 (commit)
from 072959dbc1778a8f85aac9d6ef842ce9222d1fea (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e664524e05ad555cfb0e7851a7cfeb573fcc27b5
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Tue Jun 23 17:38:18 2009 +0200
NFCT: fix NULL dereference when hashtable is full
This patch fixes a NULL dereference to the timestamp structure when
hashtable_add() fails, for example, because the hashtable is full.
Reported-by: Bernhard Schmidt <berni at birkenwald.de>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
-----------------------------------------------------------------------
input/flow/ulogd_inpflow_NFCT.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
This patch fixes a NULL dereference to the timestamp structure when
hashtable_add() fails, for example, because the hashtable is full.
Reported-by: Bernhard Schmidt <berni at birkenwald.de>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c
index b8278af..b16687e 100644
--- a/input/flow/ulogd_inpflow_NFCT.c
+++ b/input/flow/ulogd_inpflow_NFCT.c
@@ -596,6 +596,9 @@ static int event_handler(enum nf_conntrack_msg_type type,
switch(type) {
case NFCT_T_NEW:
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL);
return NFCT_CB_STOLEN;
case NFCT_T_UPDATE:
@@ -604,6 +607,9 @@ static int event_handler(enum nf_conntrack_msg_type type,
nfct_copy(ts->ct, ct, NFCT_CP_META);
else {
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL);
return NFCT_CB_STOLEN;
}
@@ -734,6 +740,9 @@ static int overrun_handler(enum nf_conntrack_msg_type type,
/* if it does not exist, add it */
if (!hashtable_get(cpi->ct_active, &tmp)) {
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL); /* do our best here */
return NFCT_CB_STOLEN;
}
More information about the netfilter-cvslog
mailing list