git.openwrt.org Git - openwrt/staging/stintel.git/commit

author	Cong Wang <xiyou.wangcong@gmail.com>
	Sun, 25 Aug 2019 12:35:06 +0000 (05:35 -0700)
committer	Hauke Mehrtens <hauke@hauke-m.de>
	Sun, 1 Sep 2019 16:38:04 +0000 (18:38 +0200)
commit	7735cce0c5c306bd9eea20ca2805e4a492c02be9
tree	06c260348c079366ba373f1ed94fa55085769126	tree \| snapshot
parent	02169bd3f8ccfa3076bb4d46e979d2fdcc7d413e	commit \| diff

kernel: net_sched: fix a NULL pointer deref in ipt action

The net pointer in struct xt_tgdtor_param is not explicitly
initialized therefore is still NULL when dereferencing it.
So we have to find a way to pass the correct net pointer to
ipt_destroy_target().

The best way I find is just saving the net pointer inside the per
netns struct tcf_idrinfo, which could make this patch smaller.

Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset")
Reported-and-tested-by: Tony Ambardar <itugrok@xxxxxxxxx>
Cc: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Cc: Jiri Pirko <jiri@xxxxxxxxxxx>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
[Backport for kernel v4.19 and v4.14]
Link: https://bugzilla.kernel.org/show_bug.cgi?id=204681]
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>

target/linux/generic/backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch		diff \| blob \| history
target/linux/generic/backport-4.14/390-v5.3-net-sched-fix-action-ipt-crash.patch	[new file with mode: 0644]	blob
target/linux/generic/backport-4.19/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch		diff \| blob \| history
target/linux/generic/backport-4.19/390-v5.3-net-sched-fix-action-ipt-crash.patch	[new file with mode: 0644]	blob