[NETFILTER]: nf_conntrack_ftp: fix missing helper mask initilization

[linux-2.6] / net / sched / act_ipt.c

diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c
index 224c078a398e77872418721cc206a6c01035ef9e..a9608064a4c303cb884b0fc6913d1f68e2fd33ee 100644 (file)
--- a/net/sched/act_ipt.c
+++ b/net/sched/act_ipt.c
@@ -69,7 +69,6 @@ static int ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int
        if (t->u.kernel.target->checkentry
            && !t->u.kernel.target->checkentry(table, NULL,
                                               t->u.kernel.target, t->data,
-                                              t->u.target_size - sizeof(*t),
                                               hook)) {
                module_put(t->u.kernel.target->me);
                ret = -EINVAL;
@@ -81,8 +80,7 @@ static int ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int
 static void ipt_destroy_target(struct ipt_entry_target *t)
 {
        if (t->u.kernel.target->destroy)
-               t->u.kernel.target->destroy(t->u.kernel.target, t->data,
-                                           t->u.target_size - sizeof(*t));
+               t->u.kernel.target->destroy(t->u.kernel.target, t->data);
         module_put(t->u.kernel.target->me);
 }
 
@@ -158,10 +156,9 @@ static int tcf_ipt_init(struct rtattr *rta, struct rtattr *est,
            rtattr_strlcpy(tname, tb[TCA_IPT_TABLE-1], IFNAMSIZ) >= IFNAMSIZ)
                strcpy(tname, "mangle");
 
-       t = kmalloc(td->u.target_size, GFP_KERNEL);
+       t = kmemdup(td, td->u.target_size, GFP_KERNEL);
        if (unlikely(!t))
                goto err2;
-       memcpy(t, td, td->u.target_size);
 
        if ((err = ipt_init_target(t, tname, hook)) < 0)
                goto err3;
@@ -222,7 +219,7 @@ static int tcf_ipt(struct sk_buff *skb, struct tc_action *a,
        ret = ipt->tcfi_t->u.kernel.target->target(&skb, skb->dev, NULL,
                                                   ipt->tcfi_hook,
                                                   ipt->tcfi_t->u.kernel.target,
-                                                  ipt->tcfi_t->data, NULL);
+                                                  ipt->tcfi_t->data);
        switch (ret) {
        case NF_ACCEPT:
                result = TC_ACT_OK;
@@ -258,13 +255,12 @@ static int tcf_ipt_dump(struct sk_buff *skb, struct tc_action *a, int bind, int
        ** for foolproof you need to not assume this
        */
 
-       t = kmalloc(ipt->tcfi_t->u.user.target_size, GFP_ATOMIC);
+       t = kmemdup(ipt->tcfi_t, ipt->tcfi_t->u.user.target_size, GFP_ATOMIC);
        if (unlikely(!t))
                goto rtattr_failure;
 
        c.bindcnt = ipt->tcf_bindcnt - bind;
        c.refcnt = ipt->tcf_refcnt - ref;
-       memcpy(t, ipt->tcfi_t, ipt->tcfi_t->u.user.target_size);
        strcpy(t->u.user.name, ipt->tcfi_t->u.kernel.target->name);
 
        RTA_PUT(skb, TCA_IPT_TARG, ipt->tcfi_t->u.user.target_size, t);