src: fix possible null pointer dereference in nft_*_attr_get_*

As reported by John Sager, nft_set_attr_get_u32 can cause a segfault because nft_set_attr_get can return NULL. Check for a non-NULL pointer before dereferencing. This closes netfilter bugzilla #868. [ I have mangled this patch to solve possible null pointer dereference with get operations with rule objects --pablo ] Signed-off-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Oester <kernel@linuxace.com> 2013-10-25 09:55:31 -0700
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-10-27 21:31:44 +0100
commit: fe59236952e037029c484b3f2ee75c658df90a9c (patch)
tree: e9cb5938508d98c73c8cd967a2f1a2748e7eef42 /src/set.c
parent: 032b73d499d76bf16a62f818373385dcc01f42fd (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/set.c b/src/set.c
index 74ec1e3..2c6e6a6 100644
--- a/src/set.c
+++ b/src/set.c
@@ -183,8 +183,8 @@ EXPORT_SYMBOL(nft_set_attr_get_str);
 
 uint32_t nft_set_attr_get_u32(struct nft_set *s, uint16_t attr)
 {
-	uint32_t val = *((uint32_t *)nft_set_attr_get(s, attr));
-	return val;
+	const uint32_t *val = nft_set_attr_get(s, attr);
+	return val ? *val : 0;
 }
 EXPORT_SYMBOL(nft_set_attr_get_u32);
author	Phil Oester <kernel@linuxace.com>	2013-10-25 09:55:31 -0700
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-10-27 21:31:44 +0100
commit	fe59236952e037029c484b3f2ee75c658df90a9c (patch)
tree	e9cb5938508d98c73c8cd967a2f1a2748e7eef42 /src/set.c
parent	032b73d499d76bf16a62f818373385dcc01f42fd (diff)