Commit 23d07508 authored by Gao Feng's avatar Gao Feng Committed by Pablo Neira Ayuso
Browse files

netfilter: Add the missed return value check of nft_register_chain_type 



There are some codes of netfilter module which did not check the return
value of nft_register_chain_type. Add the checks now.

Signed-off-by: default avatarGao Feng <fgao@ikuai8.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 4e6577de

net/bridge/netfilter/nf_tables_bridge.c

+13 −5
Original line number Diff line number Diff line
@@ -139,12 +139,20 @@ static int __init nf_tables_bridge_init(void) 
	int ret;



	nf_register_afinfo(&nf_br_afinfo);

	nft_register_chain_type(&filter_bridge);

	ret = nft_register_chain_type(&filter_bridge);

	if (ret < 0)

		goto err1;



	ret = register_pernet_subsys(&nf_tables_bridge_net_ops);

	if (ret < 0) {

	if (ret < 0)

		goto err2;



	return ret;



err2:

	nft_unregister_chain_type(&filter_bridge);

err1:

	nf_unregister_afinfo(&nf_br_afinfo);

	}

	return ret;

}

net/ipv4/netfilter/nf_tables_arp.c

+4 −1
Original line number Diff line number Diff line
@@ -80,7 +80,10 @@ static int __init nf_tables_arp_init(void) 
{

	int ret;



	nft_register_chain_type(&filter_arp);

	ret = nft_register_chain_type(&filter_arp);

	if (ret < 0)

		return ret;



	ret = register_pernet_subsys(&nf_tables_arp_net_ops);

	if (ret < 0)

		nft_unregister_chain_type(&filter_arp);

net/ipv4/netfilter/nf_tables_ipv4.c

+4 −1
Original line number Diff line number Diff line
@@ -103,7 +103,10 @@ static int __init nf_tables_ipv4_init(void) 
{

	int ret;



	nft_register_chain_type(&filter_ipv4);

	ret = nft_register_chain_type(&filter_ipv4);

	if (ret < 0)

		return ret;



	ret = register_pernet_subsys(&nf_tables_ipv4_net_ops);

	if (ret < 0)

		nft_unregister_chain_type(&filter_ipv4);

net/ipv6/netfilter/nf_tables_ipv6.c

+4 −1
Original line number Diff line number Diff line
@@ -100,7 +100,10 @@ static int __init nf_tables_ipv6_init(void) 
{

	int ret;



	nft_register_chain_type(&filter_ipv6);

	ret = nft_register_chain_type(&filter_ipv6);

	if (ret < 0)

		return ret;



	ret = register_pernet_subsys(&nf_tables_ipv6_net_ops);

	if (ret < 0)

		nft_unregister_chain_type(&filter_ipv6);

net/netfilter/nf_tables_inet.c

+4 −1
Original line number Diff line number Diff line
@@ -82,7 +82,10 @@ static int __init nf_tables_inet_init(void) 
{

	int ret;



	nft_register_chain_type(&filter_inet);

	ret = nft_register_chain_type(&filter_inet);

	if (ret < 0)

		return ret;



	ret = register_pernet_subsys(&nf_tables_inet_net_ops);

	if (ret < 0)

		nft_unregister_chain_type(&filter_inet);

CRA Git | Maintained and supported by SUSTech CRA and CCSE