[NETFILTER] ctnetlink: Fix oops when no ICMP ID info in message
authorKrzysztof Piotr Oledzki <ole@ans.pl>
Wed, 9 Nov 2005 21:04:08 +0000 (13:04 -0800)
committerDavid S. Miller <davem@davemloft.net>
Wed, 9 Nov 2005 21:04:08 +0000 (13:04 -0800)
This patch fixes an userspace triggered oops. If there is no ICMP_ID
info the reference to attr will be NULL.

Signed-off-by: Krzysztof Piotr Oledzki <ole@ans.pl>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/netfilter/ip_conntrack_proto_icmp.c

index 9481d159acb6f22035fab7797ff61fd462696479..083951e20690301027dfa45426397b6f5c441686 100644 (file)
@@ -296,7 +296,8 @@ static int icmp_nfattr_to_tuple(struct nfattr *tb[],
                                struct ip_conntrack_tuple *tuple)
 {
        if (!tb[CTA_PROTO_ICMP_TYPE-1]
-           || !tb[CTA_PROTO_ICMP_CODE-1])
+           || !tb[CTA_PROTO_ICMP_CODE-1]
+           || !tb[CTA_PROTO_ICMP_ID-1])
                return -1;
 
        tuple->dst.u.icmp.type =