diff options
author | Stephen Hemminger <shemminger@vyatta.com> | 2011-03-09 14:14:26 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2011-03-09 14:14:26 +0100 |
commit | adb00ae2ea0ec65f9d3d06079950c0f0ade3b614 (patch) | |
tree | 78f6cad2236a0393b74b6e9ac5b1975323cefde6 /net | |
parent | 9846ada138accc63994b57ebdfa76e3e137729e2 (diff) | |
download | linux-stable-adb00ae2ea0ec65f9d3d06079950c0f0ade3b614.tar.gz linux-stable-adb00ae2ea0ec65f9d3d06079950c0f0ade3b614.tar.bz2 linux-stable-adb00ae2ea0ec65f9d3d06079950c0f0ade3b614.zip |
netfilter: x_tables: misuse of try_then_request_module
Since xt_find_match() returns ERR_PTR(xx) on error not NULL,
the macro try_then_request_module won't work correctly here.
The macro expects its first argument will be zero if condition
fails. But ERR_PTR(-ENOENT) is not zero.
The correct solution is to propagate the error value
back.
Found by inspection, and compile tested only.
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/x_tables.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index 0a77d2ff2154..271eed32a6a1 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c @@ -183,7 +183,7 @@ EXPORT_SYMBOL(xt_unregister_matches); /* * These are weird, but module loading must not be done with mutex * held (since they will register), and we have to have a single - * function to use try_then_request_module(). + * function to use. */ /* Find match, grabs ref. Returns ERR_PTR() on error. */ @@ -221,9 +221,13 @@ xt_request_find_match(uint8_t nfproto, const char *name, uint8_t revision) { struct xt_match *match; - match = try_then_request_module(xt_find_match(nfproto, name, revision), - "%st_%s", xt_prefix[nfproto], name); - return (match != NULL) ? match : ERR_PTR(-ENOENT); + match = xt_find_match(nfproto, name, revision); + if (IS_ERR(match)) { + request_module("%st_%s", xt_prefix[nfproto], name); + match = xt_find_match(nfproto, name, revision); + } + + return match; } EXPORT_SYMBOL_GPL(xt_request_find_match); @@ -261,9 +265,13 @@ struct xt_target *xt_request_find_target(u8 af, const char *name, u8 revision) { struct xt_target *target; - target = try_then_request_module(xt_find_target(af, name, revision), - "%st_%s", xt_prefix[af], name); - return (target != NULL) ? target : ERR_PTR(-ENOENT); + target = xt_find_target(af, name, revision); + if (IS_ERR(target)) { + request_module("%st_%s", xt_prefix[af], name); + target = xt_find_target(af, name, revision); + } + + return target; } EXPORT_SYMBOL_GPL(xt_request_find_target); |