subject:"\[PATCH 1\/2 nf\] netfilter\: seqadj\: Fix some possible panics of seqadj when mem is exhausted"

Re: [PATCH 1/2 nf] netfilter: seqadj: Fix some possible panics of seqadj when mem is exhausted

2016-09-01 Thread Gao Feng

Hi Liping, On Fri, Sep 2, 2016 at 12:50 PM, Liping Zhang wrote: > Hi Feng, > 2016-09-02 9:48 GMT+08:00 : >> From: Gao Feng >> @@ -171,6 +176,11 @@ int nf_ct_seq_adjust(struct sk_buff *skb, >> struct nf_ct_seqadj *this_way,

Re: [PATCH 1/2 nf] netfilter: seqadj: Fix some possible panics of seqadj when mem is exhausted

2016-09-01 Thread Liping Zhang

Hi Feng, 2016-09-02 9:48 GMT+08:00 : > From: Gao Feng > @@ -171,6 +176,11 @@ int nf_ct_seq_adjust(struct sk_buff *skb, > struct nf_ct_seqadj *this_way, *other_way; > int res; > > + if (unlikely(!seqadj)) { IPS_SEQ_ADJUST_BIT will be tested

[PATCH 1/2 nf] netfilter: seqadj: Fix some possible panics of seqadj when mem is exhausted

2016-09-01 Thread fgao

From: Gao Feng When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj extension. But these interface functions nf_ct_seqadj_init and nf_ct_seq_adjust don't check if they get the valid seqadj pointer by the nfct_seqadj, while nf_ct_seqadj_set and