[PATCH]: netfilter: ftp/irc/sane/sip/tftp: Fix the kernel panic when load these modules with duplicated ports

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH]: netfilter: ftp/irc/sane/sip/tftp: Fix the kernel panic when load these modules with duplicated ports
@ 2015-09-25 10:02 Feng Gao
       [not found] ` <BAY403-EAS49051FE98EBBE5A72C2E2695420@phx.gbl>
  0 siblings, 1 reply; 3+ messages in thread
From: Feng Gao @ 2015-09-25 10:02 UTC (permalink / raw)
  To: 'Pablo Neira Ayuso'; +Cc: netfilter-devel, gfree.wind

Reset the helper->me to NULL when it fail to register helper.
Then the fini function of these modules could avoid unregister
wrong helper.

Signed-off-by: Feng Gao <gfree.wind@gmail.com>
---
 net/netfilter/nf_conntrack_ftp.c  |    1 +
 net/netfilter/nf_conntrack_irc.c  |    7 +++++--
 net/netfilter/nf_conntrack_sane.c |    4 ++++
 net/netfilter/nf_conntrack_sip.c  |    1 +
 net/netfilter/nf_conntrack_tftp.c |    7 +++++--
 5 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/net/netfilter/nf_conntrack_ftp.c
b/net/netfilter/nf_conntrack_ftp.c
index b666959..fbc4b82 100644
--- a/net/netfilter/nf_conntrack_ftp.c
+++ b/net/netfilter/nf_conntrack_ftp.c
@@ -630,6 +630,7 @@ static int __init nf_conntrack_ftp_init(void)
 				 ftp[i][j].tuple.src.l3num, ports[i]);
 			ret = nf_conntrack_helper_register(&ftp[i][j]);
 			if (ret) {
+				ftp[i][j].me = NULL;
 				printk(KERN_ERR "nf_ct_ftp: failed to
register"
 				       " helper for pf: %d port: %d\n",
 					ftp[i][j].tuple.src.l3num,
ports[i]);
diff --git a/net/netfilter/nf_conntrack_irc.c
b/net/netfilter/nf_conntrack_irc.c
index 0fd2976..7c99378 100644
--- a/net/netfilter/nf_conntrack_irc.c
+++ b/net/netfilter/nf_conntrack_irc.c
@@ -267,6 +267,7 @@ static int __init nf_conntrack_irc_init(void)
 
 		ret = nf_conntrack_helper_register(&irc[i]);
 		if (ret) {
+			irc[i].me = NULL;
 			printk(KERN_ERR "nf_ct_irc: failed to register
helper "
 			       "for pf: %u port: %u\n",
 			       irc[i].tuple.src.l3num, ports[i]);
@@ -283,8 +284,10 @@ static void nf_conntrack_irc_fini(void)
 {
 	int i;
 
-	for (i = 0; i < ports_c; i++)
-		nf_conntrack_helper_unregister(&irc[i]);
+	for (i = 0; i < ports_c; i++) {
+		if (irc[i].me)
+			nf_conntrack_helper_unregister(&irc[i]);
+	}
 	kfree(irc_buffer);
 }
 
diff --git a/net/netfilter/nf_conntrack_sane.c
b/net/netfilter/nf_conntrack_sane.c
index 4a2134f..f4986df 100644
--- a/net/netfilter/nf_conntrack_sane.c
+++ b/net/netfilter/nf_conntrack_sane.c
@@ -178,6 +178,9 @@ static void nf_conntrack_sane_fini(void)
 
 	for (i = 0; i < ports_c; i++) {
 		for (j = 0; j < 2; j++) {
+			if (!sane[i][j].me)
+				continue;
+
 			pr_debug("nf_ct_sane: unregistering helper for pf:
%d "
 				 "port: %d\n",
 				 sane[i][j].tuple.src.l3num, ports[i]);
@@ -221,6 +224,7 @@ static int __init nf_conntrack_sane_init(void)
 				 sane[i][j].tuple.src.l3num, ports[i]);
 			ret = nf_conntrack_helper_register(&sane[i][j]);
 			if (ret) {
+				sane[i][j].me = NULL;
 				printk(KERN_ERR "nf_ct_sane: failed to "
 				       "register helper for pf: %d port:
%d\n",
 					sane[i][j].tuple.src.l3num,
ports[i]);
diff --git a/net/netfilter/nf_conntrack_sip.c
b/net/netfilter/nf_conntrack_sip.c
index 885b4ab..53cd48a 100644
--- a/net/netfilter/nf_conntrack_sip.c
+++ b/net/netfilter/nf_conntrack_sip.c
@@ -1665,6 +1665,7 @@ static int __init nf_conntrack_sip_init(void)
 
 			ret = nf_conntrack_helper_register(&sip[i][j]);
 			if (ret) {
+				sip[i][j].me = NULL;
 				printk(KERN_ERR "nf_ct_sip: failed to
register"
 				       " helper for pf: %u port: %u\n",
 				       sip[i][j].tuple.src.l3num, ports[i]);
diff --git a/net/netfilter/nf_conntrack_tftp.c
b/net/netfilter/nf_conntrack_tftp.c
index e68ab4f..8255b21 100644
--- a/net/netfilter/nf_conntrack_tftp.c
+++ b/net/netfilter/nf_conntrack_tftp.c
@@ -107,8 +107,10 @@ static void nf_conntrack_tftp_fini(void)
 	int i, j;
 
 	for (i = 0; i < ports_c; i++) {
-		for (j = 0; j < 2; j++)
-			nf_conntrack_helper_unregister(&tftp[i][j]);
+		for (j = 0; j < 2; j++) {
+			if (tftp[i][j].me)
+				nf_conntrack_helper_unregister(&tftp[i][j]);
+		}
 	}
 }
 
@@ -138,6 +140,7 @@ static int __init nf_conntrack_tftp_init(void)
 
 			ret = nf_conntrack_helper_register(&tftp[i][j]);
 			if (ret) {
+				tftp[i][j].me = NULL;
 				printk(KERN_ERR "nf_ct_tftp: failed to
register"
 				       " helper for pf: %u port: %u\n",
 					tftp[i][j].tuple.src.l3num,
ports[i]);

^ permalink raw reply related	[flat|nested] 3+ messages in thread

[parent not found: <BAY403-EAS49051FE98EBBE5A72C2E2695420@phx.gbl>]

* Re: 答复: [PATCH]: netfilter: ftp/irc/sane/sip/tftp: Fix the kernel panic when load these modules with duplicated ports
       [not found] ` <BAY403-EAS49051FE98EBBE5A72C2E2695420@phx.gbl>
@ 2015-09-25 11:20   ` Pablo Neira Ayuso
       [not found]     ` <BAY403-EAS322E3082C2EE709D656EAA095420@phx.gbl>
  0 siblings, 1 reply; 3+ messages in thread
From: Pablo Neira Ayuso @ 2015-09-25 11:20 UTC (permalink / raw)
  To: Feng Gao; +Cc: netfilter-devel

On Fri, Sep 25, 2015 at 07:12:24PM +0800, Feng Gao wrote:
> Hi Pablo,
> 
> When execute " insmod nf_conntrack_ftp.ko ports=76,76,76", the kernel
> crashes immediately.
> Because the old codes try to unregister the helper which is not registered
> successfully.
> This bug has existed for a long time since the nf_conntrack_helper_register
> checked the duplicated entry.
> 
> I don't know if I should add the reproduce process in the commit comment.

That's good idea to insist on the fact that this bug is crashing the
kernel, and that is not good.

^ permalink raw reply	[flat|nested] 3+ messages in thread

[parent not found: <BAY403-EAS322E3082C2EE709D656EAA095420@phx.gbl>]

[parent not found: <BAY403-EAS3176BC70926B09E2359072395380@phx.gbl>]

* Re: 答复: 答复: [PATCH]: netfilter: ftp/irc/sane/sip/tftp: Fix the kernel panic when load these modules with duplicated ports
       [not found]       ` <BAY403-EAS3176BC70926B09E2359072395380@phx.gbl>
@ 2015-10-21  8:52         ` Pablo Neira Ayuso
  0 siblings, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2015-10-21  8:52 UTC (permalink / raw)
  To: Feng Gao; +Cc: netfilter-devel

On Wed, Oct 21, 2015 at 08:21:12AM +0800, Feng Gao wrote:
> Hi Pablo,
> 
> How about this patch? It will be applied?

Could you investigate if it would be possible to add a
nf_conntrack_helpers_register()?

The idea is to have a native function that handles array of helpers.
We have something similar for _hooks.

Moreover, reduce the length of your patch subject to ~80 chars if
possible.

Thanks.

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2015-10-21  8:45 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-09-25 10:02 [PATCH]: netfilter: ftp/irc/sane/sip/tftp: Fix the kernel panic when load these modules with duplicated ports Feng Gao
     [not found] ` <BAY403-EAS49051FE98EBBE5A72C2E2695420@phx.gbl>
2015-09-25 11:20   ` 答复: " Pablo Neira Ayuso
     [not found]     ` <BAY403-EAS322E3082C2EE709D656EAA095420@phx.gbl>
     [not found]       ` <BAY403-EAS3176BC70926B09E2359072395380@phx.gbl>
2015-10-21  8:52         ` 答复: " Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).