[NETFILTER]: ipt_recent: avoid a possible NULL pointer deref in recent_seq_open()
authorJesper Juhl <jesper.juhl@gmail.com>
Wed, 8 Aug 2007 01:10:54 +0000 (18:10 -0700)
committerDavid S. Miller <davem@davemloft.net>
Wed, 8 Aug 2007 01:10:54 +0000 (18:10 -0700)
If the call to seq_open() returns != 0 then the code calls
kfree(st) but then on the very next line proceeds to
dereference the pointer - not good.

Problem spotted by the Coverity checker.

Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/netfilter/ipt_recent.c

index 3218043156591f874e59deff90f8b5fa7a027d8c..6d0c0f7364adbcac35fc4a332e11f6841e0430b3 100644 (file)
@@ -387,12 +387,17 @@ static int recent_seq_open(struct inode *inode, struct file *file)
        st = kzalloc(sizeof(*st), GFP_KERNEL);
        if (st == NULL)
                return -ENOMEM;
+
        ret = seq_open(file, &recent_seq_ops);
-       if (ret)
+       if (ret) {
                kfree(st);
+               goto out;
+       }
+
        st->table    = pde->data;
        seq          = file->private_data;
        seq->private = st;
+out:
        return ret;
 }