netfilter: Fix potential crash in nft_hash walker
authorHerbert Xu <herbert@gondor.apana.org.au>
Thu, 12 Mar 2015 23:52:14 +0000 (10:52 +1100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 13 Mar 2015 11:03:00 +0000 (12:03 +0100)
When we get back an EAGAIN from rhashtable_walk_next we were
treating it as a valid object which obviously doesn't work too
well.

Luckily this is hard to trigger so it seems nobody has run into
it yet.

This patch fixes it by redoing the next call when we get an EAGAIN.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_hash.c

index c82df0a48fcd8a649921b3fcb6b5d1edd39c6295..37c15e6748841053df56fe092a49ced6fb06b077 100644 (file)
@@ -153,6 +153,8 @@ static void nft_hash_walk(const struct nft_ctx *ctx, const struct nft_set *set,
                                iter->err = err;
                                goto out;
                        }
+
+                       continue;
                }
 
                if (iter->count < iter->skip)