diff options
author | Florian Westphal <fw@strlen.de> | 2016-06-16 15:11:32 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2016-06-20 14:48:22 +0200 |
commit | 4ca06bc967d94b7b7b5a6efc76e870f0efc77e24 (patch) | |
tree | 0fce007c5afd9f75dcad3250697f05ae1e8bd56d /src | |
parent | b5db77dc91454d1a1722672e13e87bf41d5ed427 (diff) |
src: make nfq_open_nfnl thread-safe
nfq_open_nfnl uses an intermediate static object, so when it is invoked
by distinct threads at the same time there is a small chance that some
threads end up with another threads nfq_handle pointer stored in ->data.
The result is that the affected queue will be stuck because the thread
that was supposed to service it is handling another/wrong queue instead.
Tested-by: Michal Tesar <mtesar@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/libnetfilter_queue.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 84184ee..5fbde5b 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -216,11 +216,6 @@ static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[], return qh->cb(qh, nfmsg, &nfqa, qh->data); } -static struct nfnl_callback pkt_cb = { - .call = &__nfq_rcv_pkt, - .attr_count = NFQA_MAX, -}; - /* public interface */ struct nfnl_handle *nfq_nfnlh(struct nfq_handle *h) @@ -389,6 +384,10 @@ EXPORT_SYMBOL(nfq_open); */ struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh) { + struct nfnl_callback pkt_cb = { + .call = __nfq_rcv_pkt, + .attr_count = NFQA_MAX, + }; struct nfq_handle *h; int err; |