tproxy: Add missing error checking when parsing from netlink

netlink_get_register() may return NULL and every other caller checks that. Assuming this situation is not expected, just jump to 'err' label without queueing an explicit error message. Fixes: 2be1d52644cf7 ("src: Add tproxy support") Signed-off-by: Phil Sutter <phil@nwl.cc> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2019-10-21 16:29:03 +0200
committer: Phil Sutter <phil@nwl.cc> 2019-10-21 18:21:08 +0200
commit: e33b971f35cbfc3634dba9690537bbfb8baeac87 (patch)
tree: f699dbec3c4bf8263ba4f3e1a5657279fd5ebf89
parent: 00487d5fe3ece179e61124ee62449f4ad7d1918e (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index f7d328a8..154353b8 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1041,6 +1041,8 @@ static void netlink_parse_tproxy(struct netlink_parse_ctx *ctx,
 	reg = netlink_parse_register(nle, NFTNL_EXPR_TPROXY_REG_ADDR);
 	if (reg) {
 		addr = netlink_get_register(ctx, loc, reg);
+		if (addr == NULL)
+			goto err;
 
 		switch (stmt->tproxy.family) {
 		case NFPROTO_IPV4:
@@ -1060,6 +1062,8 @@ static void netlink_parse_tproxy(struct netlink_parse_ctx *ctx,
 	reg = netlink_parse_register(nle, NFTNL_EXPR_TPROXY_REG_PORT);
 	if (reg) {
 		port = netlink_get_register(ctx, loc, reg);
+		if (port == NULL)
+			goto err;
 		expr_set_type(port, &inet_service_type, BYTEORDER_BIG_ENDIAN);
 		stmt->tproxy.port = port;
 	}
author	Phil Sutter <phil@nwl.cc>	2019-10-21 16:29:03 +0200
committer	Phil Sutter <phil@nwl.cc>	2019-10-21 18:21:08 +0200
commit	e33b971f35cbfc3634dba9690537bbfb8baeac87 (patch)
tree	f699dbec3c4bf8263ba4f3e1a5657279fd5ebf89
parent	00487d5fe3ece179e61124ee62449f4ad7d1918e (diff)