[NETFILTER 00/02]: Netfilter fixes

All of lore.kernel.org
 help / color / mirror / Atom feed

* [NETFILTER 00/02]: Netfilter fixes
@ 2007-01-15  9:22 Patrick McHardy
  2007-01-15  9:22 ` [NETFILTER 01/02]: ctnetlink: fix leak in ctnetlink_create_conntrack error path Patrick McHardy
  2007-01-15  9:22 ` [NETFILTER 02/02]: fix xt_state compile failure Patrick McHardy
  0 siblings, 2 replies; 5+ messages in thread
From: Patrick McHardy @ 2007-01-15  9:22 UTC (permalink / raw)
  To: davem; +Cc: netfilter-devel, Patrick McHardy

Hi Dave,

following are two netfilter fixes for 2.6.20, fixing a memory leak in
ctnetlink and a compile failure of the state match on PPC.

Please apply, thanks.


 include/net/netfilter/nf_conntrack_compat.h |    1 +
 net/ipv4/netfilter/ip_conntrack_netlink.c   |    2 +-
 net/netfilter/nf_conntrack_netlink.c        |    2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

Mikael Pettersson:
      [NETFILTER]: fix xt_state compile failure

Patrick McHardy:
      [NETFILTER]: ctnetlink: fix leak in ctnetlink_create_conntrack error path

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [NETFILTER 01/02]: ctnetlink: fix leak in ctnetlink_create_conntrack error path
  2007-01-15  9:22 [NETFILTER 00/02]: Netfilter fixes Patrick McHardy
@ 2007-01-15  9:22 ` Patrick McHardy
  2007-01-16  1:15   ` David Miller
  2007-01-15  9:22 ` [NETFILTER 02/02]: fix xt_state compile failure Patrick McHardy
  1 sibling, 1 reply; 5+ messages in thread
From: Patrick McHardy @ 2007-01-15  9:22 UTC (permalink / raw)
  To: davem; +Cc: netfilter-devel, Patrick McHardy

[NETFILTER]: ctnetlink: fix leak in ctnetlink_create_conntrack error path

Signed-off-by: Patrick McHardy <kaber@trash.net>

---
commit 2725df007db9ffd520ce9be463e1d73202709d9b
tree a94f13912dc2f5703e29a8335b025d775d6121a6
parent 8bebd24221e4690f6fd9d5158c42cf59cf2422ab
author Patrick McHardy <kaber@trash.net> Mon, 15 Jan 2007 09:25:33 +0100
committer Patrick McHardy <kaber@trash.net> Mon, 15 Jan 2007 09:25:33 +0100

 net/ipv4/netfilter/ip_conntrack_netlink.c |    2 +-
 net/netfilter/nf_conntrack_netlink.c      |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index 5fcf91d..6f31fad 100644
--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -959,7 +959,7 @@ ctnetlink_create_conntrack(struct nfattr
 	if (cda[CTA_PROTOINFO-1]) {
 		err = ctnetlink_change_protoinfo(ct, cda);
 		if (err < 0)
-			return err;
+			goto err;
 	}
 
 #if defined(CONFIG_IP_NF_CONNTRACK_MARK)
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index bd1d2de..811e3e7 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -981,7 +981,7 @@ ctnetlink_create_conntrack(struct nfattr
 	if (cda[CTA_PROTOINFO-1]) {
 		err = ctnetlink_change_protoinfo(ct, cda);
 		if (err < 0)
-			return err;
+			goto err;
 	}
 
 #if defined(CONFIG_NF_CONNTRACK_MARK)

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* [NETFILTER 02/02]: fix xt_state compile failure
  2007-01-15  9:22 [NETFILTER 00/02]: Netfilter fixes Patrick McHardy
  2007-01-15  9:22 ` [NETFILTER 01/02]: ctnetlink: fix leak in ctnetlink_create_conntrack error path Patrick McHardy
@ 2007-01-15  9:22 ` Patrick McHardy
  2007-01-16  1:16   ` David Miller
  1 sibling, 1 reply; 5+ messages in thread
From: Patrick McHardy @ 2007-01-15  9:22 UTC (permalink / raw)
  To: davem; +Cc: netfilter-devel, Patrick McHardy

[NETFILTER]: fix xt_state compile failure

In file included from net/netfilter/xt_state.c:13:
include/net/netfilter/nf_conntrack_compat.h: In function 'nf_ct_l3proto_try_module_get':
include/net/netfilter/nf_conntrack_compat.h:70: error: 'PF_INET' undeclared (first use in this function)
include/net/netfilter/nf_conntrack_compat.h:70: error: (Each undeclared identifier is reported only once
include/net/netfilter/nf_conntrack_compat.h:70: error: for each function it appears in.)
include/net/netfilter/nf_conntrack_compat.h:71: warning: control reaches end of non-void function
make[2]: *** [net/netfilter/xt_state.o] Error 1
make[1]: *** [net/netfilter] Error 2
make: *** [net] Error 2

A simple fix is to have nf_conntrack_compat.h #include <linux/socket.h>.

Signed-off-by: Mikael Pettersson <mikpe@it.uu.se>
Signed-off-by: Patrick McHardy <kaber@trash.net>

---
commit f8f00b3d4bf918190a6edd5b94bbee452b4f5d64
tree 72676d027ca247eb0ca171247c328860e3f043c3
parent 2725df007db9ffd520ce9be463e1d73202709d9b
author Mikael Pettersson <mikpe@it.uu.se> Mon, 15 Jan 2007 09:30:45 +0100
committer Patrick McHardy <kaber@trash.net> Mon, 15 Jan 2007 09:30:45 +0100

 include/net/netfilter/nf_conntrack_compat.h |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/include/net/netfilter/nf_conntrack_compat.h b/include/net/netfilter/nf_conntrack_compat.h
index b9ce5c8..6f84c1f 100644
--- a/include/net/netfilter/nf_conntrack_compat.h
+++ b/include/net/netfilter/nf_conntrack_compat.h
@@ -6,6 +6,7 @@ #ifdef __KERNEL__
 #if defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE)
 
 #include <linux/netfilter_ipv4/ip_conntrack.h>
+#include <linux/socket.h>
 
 #ifdef CONFIG_IP_NF_CONNTRACK_MARK
 static inline u_int32_t *nf_ct_get_mark(const struct sk_buff *skb,

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [NETFILTER 01/02]: ctnetlink: fix leak in ctnetlink_create_conntrack error path
  2007-01-15  9:22 ` [NETFILTER 01/02]: ctnetlink: fix leak in ctnetlink_create_conntrack error path Patrick McHardy
@ 2007-01-16  1:15   ` David Miller
  0 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2007-01-16  1:15 UTC (permalink / raw)
  To: kaber; +Cc: netfilter-devel

From: Patrick McHardy <kaber@trash.net>
Date: Mon, 15 Jan 2007 10:22:52 +0100 (MET)

> [NETFILTER]: ctnetlink: fix leak in ctnetlink_create_conntrack error path
> 
> Signed-off-by: Patrick McHardy <kaber@trash.net>

Applied.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [NETFILTER 02/02]: fix xt_state compile failure
  2007-01-15  9:22 ` [NETFILTER 02/02]: fix xt_state compile failure Patrick McHardy
@ 2007-01-16  1:16   ` David Miller
  0 siblings, 0 replies; 5+ messages in thread
From: David Miller @ 2007-01-16  1:16 UTC (permalink / raw)
  To: kaber; +Cc: netfilter-devel

From: Patrick McHardy <kaber@trash.net>
Date: Mon, 15 Jan 2007 10:22:54 +0100 (MET)

> [NETFILTER]: fix xt_state compile failure
> 
> In file included from net/netfilter/xt_state.c:13:
> include/net/netfilter/nf_conntrack_compat.h: In function 'nf_ct_l3proto_try_module_get':
> include/net/netfilter/nf_conntrack_compat.h:70: error: 'PF_INET' undeclared (first use in this function)
> include/net/netfilter/nf_conntrack_compat.h:70: error: (Each undeclared identifier is reported only once
> include/net/netfilter/nf_conntrack_compat.h:70: error: for each function it appears in.)
> include/net/netfilter/nf_conntrack_compat.h:71: warning: control reaches end of non-void function
> make[2]: *** [net/netfilter/xt_state.o] Error 1
> make[1]: *** [net/netfilter] Error 2
> make: *** [net] Error 2
> 
> A simple fix is to have nf_conntrack_compat.h #include <linux/socket.h>.
> 
> Signed-off-by: Mikael Pettersson <mikpe@it.uu.se>
> Signed-off-by: Patrick McHardy <kaber@trash.net>

Applied, thanks Patrick.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2007-01-16  1:16 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-01-15  9:22 [NETFILTER 00/02]: Netfilter fixes Patrick McHardy
2007-01-15  9:22 ` [NETFILTER 01/02]: ctnetlink: fix leak in ctnetlink_create_conntrack error path Patrick McHardy
2007-01-16  1:15   ` David Miller
2007-01-15  9:22 ` [NETFILTER 02/02]: fix xt_state compile failure Patrick McHardy
2007-01-16  1:16   ` David Miller

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.