[NETFILTER] ctnetlink: Fix oops when no ICMP ID info in message This patch fixes an userspace triggered oops. If there is no ICMP_ID info the reference to attr will be NULL.
Signed-off-by: Krzysztof Piotr Oledzki <[EMAIL PROTECTED]>
Signed-off-by: Pablo Neira Ayuso <[EMAIL PROTECTED]>
Signed-off-by: Harald Welte <[EMAIL PROTECTED]>
---
commit 0dacadb7aafa3e6ad1c234b02149be9a07e80294
tree a325acaca988956ab4115b1e33115957659153c3
parent b98f5d02ab4cecbe4c3b038287e064973be27dcb
author Krzysztof Piotr Oledzki <[EMAIL PROTECTED]> Tue, 08 Nov 2005 15:57:19
+0100
committer Harald Welte <[EMAIL PROTECTED]> Tue, 08 Nov 2005 15:57:19 +0100
net/ipv4/netfilter/ip_conntrack_proto_icmp.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
--- a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
@@ -296,7 +296,8 @@ static int icmp_nfattr_to_tuple(struct n
struct ip_conntrack_tuple *tuple)
{
if (!tb[CTA_PROTO_ICMP_TYPE-1]
- || !tb[CTA_PROTO_ICMP_CODE-1])
+ || !tb[CTA_PROTO_ICMP_CODE-1]
+ || !tb[CTA_PROTO_ICMP_ID-1])
return -1;
tuple->dst.u.icmp.type =
--
- Harald Welte <[EMAIL PROTECTED]> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
pgpvxCOdTvqnj.pgp
Description: PGP signature
