From ebca5a8151a05969ed18c060799e099c9a599b08 Mon Sep 17 00:00:00 2001
From: Liping Zhang <liping.zhang@spreadtrum.com>
Date: Sat, 16 Jul 2016 19:39:53 +0800
Subject: extensions: libxt_connlabel: fix crash when connlabel.conf is empty

When connlabel.conf is empty, nfct_labelmap_new will return NULL and
set errno to 0. So we will miss to check this situation, and cause NULL
deference in nfct_labelmap_get_bit.

Input the following commands will reproduce this crash:
  # echo > /etc/xtables/connlabel.conf
  # iptables -A INPUT -m connlabel --label abc
  Segmentation fault (core dumped)

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---
 extensions/libxt_connlabel.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'extensions/libxt_connlabel.c')

diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c
index 1f830954..355c99ae 100644
--- a/extensions/libxt_connlabel.c
+++ b/extensions/libxt_connlabel.c
@@ -38,9 +38,16 @@ static void connlabel_open(void)
 		return;
 
 	map = nfct_labelmap_new(NULL);
-	if (!map && errno)
-		xtables_error(RESOURCE_PROBLEM, "cannot open connlabel.conf: %s\n",
-			strerror(errno));
+	if (map != NULL)
+		return;
+
+	if (errno) {
+		xtables_error(RESOURCE_PROBLEM,
+			"cannot open connlabel.conf: %s", strerror(errno));
+	} else {
+		xtables_error(RESOURCE_PROBLEM,
+			"cannot parse label, maybe valid label map is empty");
+	}
 }
 
 static void connlabel_mt_parse(struct xt_option_call *cb)
-- 
cgit v1.2.3