Commit 4e6577de authored by Gao Feng's avatar Gao Feng Committed by Pablo Neira Ayuso

netfilter: Add the missed return value check of register_netdevice_notifier

There are some codes of netfilter module which did not check the return
value of register_netdevice_notifier. Add the checks now.
Signed-off-by: default avatarGao Feng <fgao@ikuai8.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent cf71c03e
...@@ -151,12 +151,20 @@ static int __init nf_tables_netdev_init(void) ...@@ -151,12 +151,20 @@ static int __init nf_tables_netdev_init(void)
nft_register_chain_type(&nft_filter_chain_netdev); nft_register_chain_type(&nft_filter_chain_netdev);
ret = register_pernet_subsys(&nf_tables_netdev_net_ops); ret = register_pernet_subsys(&nf_tables_netdev_net_ops);
if (ret < 0) { if (ret)
nft_unregister_chain_type(&nft_filter_chain_netdev); goto err1;
return ret;
} ret = register_netdevice_notifier(&nf_tables_netdev_notifier);
register_netdevice_notifier(&nf_tables_netdev_notifier); if (ret)
goto err2;
return 0; return 0;
err2:
unregister_pernet_subsys(&nf_tables_netdev_net_ops);
err1:
nft_unregister_chain_type(&nft_filter_chain_netdev);
return ret;
} }
static void __exit nf_tables_netdev_exit(void) static void __exit nf_tables_netdev_exit(void)
......
...@@ -1522,9 +1522,16 @@ static int __init nfnetlink_queue_init(void) ...@@ -1522,9 +1522,16 @@ static int __init nfnetlink_queue_init(void)
goto cleanup_netlink_notifier; goto cleanup_netlink_notifier;
} }
register_netdevice_notifier(&nfqnl_dev_notifier); status = register_netdevice_notifier(&nfqnl_dev_notifier);
if (status < 0) {
pr_err("nf_queue: failed to register netdevice notifier\n");
goto cleanup_netlink_subsys;
}
return status; return status;
cleanup_netlink_subsys:
nfnetlink_subsys_unregister(&nfqnl_subsys);
cleanup_netlink_notifier: cleanup_netlink_notifier:
netlink_unregister_notifier(&nfqnl_rtnl_notifier); netlink_unregister_notifier(&nfqnl_rtnl_notifier);
unregister_pernet_subsys(&nfnl_queue_net_ops); unregister_pernet_subsys(&nfnl_queue_net_ops);
......
...@@ -89,6 +89,8 @@ static int tee_tg_check(const struct xt_tgchk_param *par) ...@@ -89,6 +89,8 @@ static int tee_tg_check(const struct xt_tgchk_param *par)
return -EINVAL; return -EINVAL;
if (info->oif[0]) { if (info->oif[0]) {
int ret;
if (info->oif[sizeof(info->oif)-1] != '\0') if (info->oif[sizeof(info->oif)-1] != '\0')
return -EINVAL; return -EINVAL;
...@@ -101,7 +103,11 @@ static int tee_tg_check(const struct xt_tgchk_param *par) ...@@ -101,7 +103,11 @@ static int tee_tg_check(const struct xt_tgchk_param *par)
priv->notifier.notifier_call = tee_netdev_event; priv->notifier.notifier_call = tee_netdev_event;
info->priv = priv; info->priv = priv;
register_netdevice_notifier(&priv->notifier); ret = register_netdevice_notifier(&priv->notifier);
if (ret) {
kfree(priv);
return ret;
}
} else } else
info->priv = NULL; info->priv = NULL;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment