
[nf-next] netfilter: add list element test to br_netfilter_hooks

Message ID f7tpol514kl.fsf@redhat.com
State Accepted
Delegated to: Pablo Neira

Commit Message

Aaron Conole Dec. 6, 2016, 3:04 p.m. UTC
The for-loop in the bridge hook entries assumes that the elements are
always present.  However, this assumption may not always be true.

Fixes: 66cfc1dd07c7 ("netfilter: convert while loops to for loops")
Signed-off-by: Aaron Conole <aconole@bytheb.org>
--
Pablo, if possible could this be squashed into the commit instead?  I
only did a build test of this, but it should be correct.

--
2.5.0

Patch

diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c
index fbe35b4..b12501a 100644
--- a/net/bridge/br_netfilter_hooks.c
+++ b/net/bridge/br_netfilter_hooks.c
@@ -1009,7 +1009,7 @@  int br_nf_hook_thresh(unsigned int hook, struct net *net,
 	int ret;
 
 	for (elem = rcu_dereference(net->nf.hooks[NFPROTO_BRIDGE][hook]);
-	     nf_hook_entry_priority(elem) <= NF_BR_PRI_BRNF;
+	     elem && nf_hook_entry_priority(elem) <= NF_BR_PRI_BRNF;
 	     elem = rcu_dereference(elem->next))
 		;
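Review bot: With the added `elem &&` term in the for condition, the loop can now finish with elem == NULL as well as with an entry whose priority is above NF_BR_PRI_BRNF, and the context shown ends at the empty loop body, so it is not visible here whether the code that follows handles a NULL elem. Please confirm that whatever consumes elem after the loop tolerates NULL (or returns early), since otherwise the NULL dereference only moves from nf_hook_entry_priority() to the next user. The commit message would also be clearer if it said in which situation the list ends before an entry above NF_BR_PRI_BRNF is found, and the note that the change was only build-tested suggests a runtime test of that empty-list case before it is squashed.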