Commit 50c9cc2e authored by Jaroslav Kysela's avatar Jaroslav Kysela Committed by David S. Miller
Browse files

[NETFILTER]: ipt_CLUSTERIP: fix oops in checkentry function 



The clusterip_config_find_get() already increases entries reference
counter, so there is no reason to do it twice in checkentry() callback.

This causes the config to be freed before it is removed from the list,
resulting in a crash when adding the next rule.

Signed-off-by: default avatarJaroslav Kysela <perex@suse.cz>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 15d33c07

net/ipv4/netfilter/ipt_CLUSTERIP.c

+0 −2
Original line number Diff line number Diff line
@@ -411,12 +411,10 @@ checkentry(const char *tablename, 
				       "has invalid config pointer!\n");

				return 0;

			}

			clusterip_config_entry_get(cipinfo->config);

		} else {

			/* Case B: This is a new rule referring to an existing

			 * clusterip config. */

			cipinfo->config = config;

			clusterip_config_entry_get(cipinfo->config);

		}

	} else {

		/* Case C: This is a completely new clusterip config */

CRA Git | Maintained and supported by SUSTech CRA and CCSE