netfilter: nft_ct: fix null pointer in ct expectations support

nf_ct_helper_ext_add may return null, which must then be checked. Fixes: 857b46027d6f ("netfilter: nft_ct: add ct expectations support") Reported-by: Colin Ian King <colin.king@canonical.com> Signed-off-by: Stéphane Veyret <sveyret@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Stéphane Veyret <sveyret@gmail.com> 2019-06-19 09:03:14 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-06-19 17:48:35 +0200
commit: 2f0513d487d2619c751fd08f5b7c64e759435ff4 (patch)
tree: 4c68ee80d0d77d19a72498a3c2dde28acaa5fc6e /net/netfilter/nft_ct.c
parent: 72c5e11854afb842e157353be0291d65b91725f5 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 06b52c894573..77dab1bdb3ca 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -1232,6 +1232,10 @@ static void nft_ct_expect_obj_eval(struct nft_object *obj,
 	help = nfct_help(ct);
 	if (!help)
 		help = nf_ct_helper_ext_add(ct, GFP_ATOMIC);
+	if (!help) {
+		regs->verdict.code = NF_DROP;
+		return;
+	}
 
 	if (help->expecting[NF_CT_EXPECT_CLASS_DEFAULT] >= priv->size) {
 		regs->verdict.code = NFT_BREAK;
author	Stéphane Veyret <sveyret@gmail.com>	2019-06-19 09:03:14 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-06-19 17:48:35 +0200
commit	2f0513d487d2619c751fd08f5b7c64e759435ff4 (patch)
tree	4c68ee80d0d77d19a72498a3c2dde28acaa5fc6e /net/netfilter/nft_ct.c
parent	72c5e11854afb842e157353be0291d65b91725f5 (diff)