Hi!
From: Florian Westphal fw@strlen.de
[ Upstream commit fa5950e498e7face21a1761f327e6c1152f778c3 ]
None of these spots really needs to crash the kernel. In one two cases we can jsut report error to userspace, in the other cases we can just use WARN_ON (and leak memory instead).
Do these conditions trigger for someone, to warrant -stable patch?
+++ b/net/netfilter/nft_cmp.c @@ -79,7 +79,8 @@ static int nft_cmp_init(const struct nft_ctx *ctx, const struct nft_expr *expr, err = nft_data_init(NULL, &priv->data, sizeof(priv->data), &desc, tb[NFTA_CMP_DATA]);
- BUG_ON(err < 0);
- if (err < 0)
return err;priv->sreg = nft_parse_register(tb[NFTA_CMP_SREG]); err = nft_validate_register_load(priv->sreg, desc.len); @@ -129,7 +130,8 @@ static int nft_cmp_fast_init(const struct nft_ctx *ctx, err = nft_data_init(NULL, &data, sizeof(data), &desc, tb[NFTA_CMP_DATA]);
- BUG_ON(err < 0);
- if (err < 0)
return err;priv->sreg = nft_parse_register(tb[NFTA_CMP_SREG]); err = nft_validate_register_load(priv->sreg, desc.len);
This goes from "kill kernel with backtrace" to "silently return failure". Should WARN_ON() be preserved here?
Best regards, Pavel