]> err.no Git - linux-2.6/commitdiff
[NETFILTER] NAT: Fix module refcount dropping too far
authorHarald Welte <laforge@netfilter.org>
Thu, 3 Nov 2005 19:17:51 +0000 (20:17 +0100)
committerArnaldo Carvalho de Melo <acme@mandriva.com>
Sat, 5 Nov 2005 03:23:34 +0000 (01:23 -0200)
The unknown protocol is used as a fallback when a protocol isn't known.
Hence we cannot handle it failing, so don't set ".me".  It's OK, since we
only grab a reference from within the same module (iptable_nat.ko), so we
never take the module refcount from 0 to 1.

Also, remove the "protocol is NULL" test: it's never NULL.

Signed-off-by: Rusty Rusty <rusty@rustcorp.com.au>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
net/ipv4/netfilter/ip_nat_core.c
net/ipv4/netfilter/ip_nat_proto_unknown.c

index c5e3abd24672beb3bf04ccef61a2d8b3582b79fd..762f4d93936b93497a31c77415a77bc6b6b78568 100644 (file)
@@ -66,10 +66,8 @@ ip_nat_proto_find_get(u_int8_t protonum)
         * removed until we've grabbed the reference */
        preempt_disable();
        p = __ip_nat_proto_find(protonum);
-       if (p) {
-               if (!try_module_get(p->me))
-                       p = &ip_nat_unknown_protocol;
-       }
+       if (!try_module_get(p->me))
+               p = &ip_nat_unknown_protocol;
        preempt_enable();
 
        return p;
index 99bbef56f84e9ff346b856760e4db18319d3d78f..f0099a646a0b430488f9ba625486585ae04fa8b6 100644 (file)
@@ -62,7 +62,7 @@ unknown_print_range(char *buffer, const struct ip_nat_range *range)
 
 struct ip_nat_protocol ip_nat_unknown_protocol = {
        .name                   = "unknown",
-       .me                     = THIS_MODULE,
+       /* .me isn't set: getting a ref to this cannot fail. */
        .manip_pkt              = unknown_manip_pkt,
        .in_range               = unknown_in_range,
        .unique_tuple           = unknown_unique_tuple,