lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <201204032048.GFH51564.QSOVLMOOJHtFFF@I-love.SAKURA.ne.jp>
Date:	Tue, 3 Apr 2012 20:48:21 +0900
From:	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:	pablo@...filter.org
Cc:	netdev@...r.kernel.org
Subject: Re: [PATCH 3/3] netfilter: xt_CT: remove a compile warning

One more question.

Tetsuo Handa wrote:
> 216 #ifdef CONFIG_NF_CONNTRACK_TIMEOUT
> 217         if (info->timeout) {
> 218                 typeof(nf_ct_timeout_find_get_hook) timeout_find_get;
> 219                 struct ctnl_timeout *timeout;
> 220                 struct nf_conn_timeout *timeout_ext;
> 221 
> 222                 rcu_read_lock();
> 223                 timeout_find_get =
> 224                         rcu_dereference(nf_ct_timeout_find_get_hook);
> 225 
> 226                 if (timeout_find_get) {

I assume timeout_find_get points to e.g. ctnl_timeout_find_get in
net/netfilter/nfnetlink_cttimeout.c . If yes,

> 227                         const struct ipt_entry *e = par->entryinfo;
> 228                         struct nf_conntrack_l4proto *l4proto;
> 229 
> 230                         if (e->ip.invflags & IPT_INV_PROTO) {
> 231                                 ret = -EINVAL;
> 232                                 pr_info("You cannot use inversion on "
> 233                                          "L4 protocol\n");
> 234                                 goto err4;
> 235                         }
> 236                         timeout = timeout_find_get(info->timeout);
> 237                         if (timeout == NULL) {
> 238                                 ret = -ENOENT;
> 239                                 pr_info("No such timeout policy \"%s\"\n",
> 240                                         info->timeout);
> 241                                 goto err4;
> 242                         }

I think "goto err4;" after successful timeout_find_get() wants e.g.
nf_ct_timeout_put_hook call (e.g. ctnl_timeout_put()).

> 243                         if (timeout->l3num != par->family) {
> 244                                 ret = -EINVAL;
> 245                                 pr_info("Timeout policy `%s' can only be "
> 246                                         "used by L3 protocol number %d\n",
> 247                                         info->timeout, timeout->l3num);
> 248                                 goto err4;
> 249                         }
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ