summaryrefslogtreecommitdiffstats
path: root/input
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-06-23 17:38:18 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2009-06-23 17:38:18 +0200
commite664524e05ad555cfb0e7851a7cfeb573fcc27b5 (patch)
tree1168aea138658fc23f128217e8c7a6f4eba53234 /input
parent072959dbc1778a8f85aac9d6ef842ce9222d1fea (diff)
NFCT: fix NULL dereference when hashtable is full
This patch fixes a NULL dereference to the timestamp structure when hashtable_add() fails, for example, because the hashtable is full. Reported-by: Bernhard Schmidt <berni@birkenwald.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'input')
-rw-r--r--input/flow/ulogd_inpflow_NFCT.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c
index b8278af..b16687e 100644
--- a/input/flow/ulogd_inpflow_NFCT.c
+++ b/input/flow/ulogd_inpflow_NFCT.c
@@ -596,6 +596,9 @@ static int event_handler(enum nf_conntrack_msg_type type,
switch(type) {
case NFCT_T_NEW:
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL);
return NFCT_CB_STOLEN;
case NFCT_T_UPDATE:
@@ -604,6 +607,9 @@ static int event_handler(enum nf_conntrack_msg_type type,
nfct_copy(ts->ct, ct, NFCT_CP_META);
else {
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL);
return NFCT_CB_STOLEN;
}
@@ -734,6 +740,9 @@ static int overrun_handler(enum nf_conntrack_msg_type type,
/* if it does not exist, add it */
if (!hashtable_get(cpi->ct_active, &tmp)) {
ts = hashtable_add(cpi->ct_active, &tmp);
+ if (ts == NULL)
+ return NFCT_CB_CONTINUE;
+
gettimeofday(&ts->time[START], NULL); /* do our best here */
return NFCT_CB_STOLEN;
}