]> err.no Git - linux-2.6/blobdiff - net/netfilter/x_tables.c
projects / linux-2.6 / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[NETFILTER]: nf_conntrack_core: avoid taking nf_conntrack_lock in nf_conntrack_alter_...
[linux-2.6] / net / netfilter / x_tables.c
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index d62f722ccccbe35d735f82c8c2adbe2a9d2c25ad..cd78fc853a5d06482aacb524007dea5e87fee4a1 100644 (file)
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -399,7 +399,7 @@ int xt_compat_match_offset(struct xt_match *match)
 EXPORT_SYMBOL_GPL(xt_compat_match_offset);
 
 int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
-                             int *size)
+                             unsigned int *size)
 {
        struct xt_match *match = m->u.kernel.match;
        struct compat_xt_entry_match *cm = (struct compat_xt_entry_match *)m;
@@ -426,7 +426,7 @@ int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
 EXPORT_SYMBOL_GPL(xt_compat_match_from_user);
 
 int xt_compat_match_to_user(struct xt_entry_match *m, void __user **dstptr,
-                           int *size)
+                           unsigned int *size)
 {
        struct xt_match *match = m->u.kernel.match;
        struct compat_xt_entry_match __user *cm = *dstptr;
@@ -493,7 +493,7 @@ int xt_compat_target_offset(struct xt_target *target)
 EXPORT_SYMBOL_GPL(xt_compat_target_offset);
 
 void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr,
-                               int *size)
+                               unsigned int *size)
 {
        struct xt_target *target = t->u.kernel.target;
        struct compat_xt_entry_target *ct = (struct compat_xt_entry_target *)t;
@@ -519,7 +519,7 @@ void xt_compat_target_from_user(struct xt_entry_target *t, void **dstptr,
 EXPORT_SYMBOL_GPL(xt_compat_target_from_user);
 
 int xt_compat_target_to_user(struct xt_entry_target *t, void __user **dstptr,
-                            int *size)
+                            unsigned int *size)
 {
        struct xt_target *target = t->u.kernel.target;
        struct compat_xt_entry_target __user *ct = *dstptr;
@@ -667,9 +667,16 @@ struct xt_table *xt_register_table(struct net *net, struct xt_table *table,
        struct xt_table_info *private;
        struct xt_table *t;
 
+       /* Don't add one object to multiple lists. */
+       table = kmemdup(table, sizeof(struct xt_table), GFP_KERNEL);
+       if (!table) {
+               ret = -ENOMEM;
+               goto out;
+       }
+
        ret = mutex_lock_interruptible(&xt[table->af].mutex);
        if (ret != 0)
-               goto out;
+               goto out_free;
 
        /* Don't autoload: we'd eat our tail... */
        list_for_each_entry(t, &net->xt.tables[table->af], list) {
@@ -697,6 +704,8 @@ struct xt_table *xt_register_table(struct net *net, struct xt_table *table,
 
  unlock:
        mutex_unlock(&xt[table->af].mutex);
+out_free:
+       kfree(table);
 out:
        return ERR_PTR(ret);
 }
@@ -710,6 +719,7 @@ void *xt_unregister_table(struct xt_table *table)
        private = table->private;
        list_del(&table->list);
        mutex_unlock(&xt[table->af].mutex);
+       kfree(table);
 
        return private;
 }
Linux 2.6 source tree