Commit b21613ae authored by holger@eitzenberger.org's avatar holger@eitzenberger.org Committed by Pablo Neira Ayuso

netfilter: nf_ct_sip: extend RCU read lock in set_expected_rtp_rtcp()

Currently set_expected_rtp_rtcp() in the SIP helper uses
rcu_dereference() two times to access two different NAT hook
functions. However, only the first one is protected by the RCU
reader lock, but the 2nd isn't. Fix it by extending the RCU
protected area.

This is more a cosmetic thing since we rely on all netfilter hooks
being rcu_read_lock()ed by nf_hook_slow() in many places anyways,
as Patrick McHardy clarified.
Signed-off-by: default avatarHolger Eitzenberger <holger.eitzenberger@sophos.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 8ce44061
...@@ -966,7 +966,6 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff, ...@@ -966,7 +966,6 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
#endif #endif
skip_expect = 1; skip_expect = 1;
} while (!skip_expect); } while (!skip_expect);
rcu_read_unlock();
base_port = ntohs(tuple.dst.u.udp.port) & ~1; base_port = ntohs(tuple.dst.u.udp.port) & ~1;
rtp_port = htons(base_port); rtp_port = htons(base_port);
...@@ -980,8 +979,10 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff, ...@@ -980,8 +979,10 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
goto err1; goto err1;
} }
if (skip_expect) if (skip_expect) {
rcu_read_unlock();
return NF_ACCEPT; return NF_ACCEPT;
}
rtp_exp = nf_ct_expect_alloc(ct); rtp_exp = nf_ct_expect_alloc(ct);
if (rtp_exp == NULL) if (rtp_exp == NULL)
...@@ -1012,6 +1013,7 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff, ...@@ -1012,6 +1013,7 @@ static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
err2: err2:
nf_ct_expect_put(rtp_exp); nf_ct_expect_put(rtp_exp);
err1: err1:
rcu_read_unlock();
return ret; return ret;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment