diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-27 18:51:39 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-30 11:44:24 +0200 |
commit | 63283dd21ed2bf25a71909a820ed3e8fe412e15d (patch) | |
tree | 4ea57690fa3009f5737fbab3385b595f518844c1 /net | |
parent | e940f5d6ba6a01f8dbb870854d5205d322452730 (diff) | |
download | linux-63283dd21ed2bf25a71909a820ed3e8fe412e15d.tar.bz2 |
netfilter: nf_tables: skip transaction if no update flags in tables
Skip transaction handling for table updates with no changes in
the flags. This fixes a crash when passing the table flag with all
bits unset.
Reported-by: Ana Rey <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_tables_api.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index ab4566cfcbe4..da5dc37a7402 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -407,6 +407,9 @@ static int nf_tables_updtable(struct nft_ctx *ctx) if (flags & ~NFT_TABLE_F_DORMANT) return -EINVAL; + if (flags == ctx->table->flags) + return 0; + trans = nft_trans_alloc(ctx, NFT_MSG_NEWTABLE, sizeof(struct nft_trans_table)); if (trans == NULL) |