diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-06-23 17:38:18 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-06-23 17:38:18 +0200 |
commit | e664524e05ad555cfb0e7851a7cfeb573fcc27b5 (patch) | |
tree | 1168aea138658fc23f128217e8c7a6f4eba53234 | |
parent | 072959dbc1778a8f85aac9d6ef842ce9222d1fea (diff) |
NFCT: fix NULL dereference when hashtable is full
This patch fixes a NULL dereference to the timestamp structure when
hashtable_add() fails, for example, because the hashtable is full.
Reported-by: Bernhard Schmidt <berni@birkenwald.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | input/flow/ulogd_inpflow_NFCT.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index b8278af..b16687e 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -596,6 +596,9 @@ static int event_handler(enum nf_conntrack_msg_type type, switch(type) { case NFCT_T_NEW: ts = hashtable_add(cpi->ct_active, &tmp); + if (ts == NULL) + return NFCT_CB_CONTINUE; + gettimeofday(&ts->time[START], NULL); return NFCT_CB_STOLEN; case NFCT_T_UPDATE: @@ -604,6 +607,9 @@ static int event_handler(enum nf_conntrack_msg_type type, nfct_copy(ts->ct, ct, NFCT_CP_META); else { ts = hashtable_add(cpi->ct_active, &tmp); + if (ts == NULL) + return NFCT_CB_CONTINUE; + gettimeofday(&ts->time[START], NULL); return NFCT_CB_STOLEN; } @@ -734,6 +740,9 @@ static int overrun_handler(enum nf_conntrack_msg_type type, /* if it does not exist, add it */ if (!hashtable_get(cpi->ct_active, &tmp)) { ts = hashtable_add(cpi->ct_active, &tmp); + if (ts == NULL) + return NFCT_CB_CONTINUE; + gettimeofday(&ts->time[START], NULL); /* do our best here */ return NFCT_CB_STOLEN; } |