[net-next] netfilter: nf_tables: fix wrong pointer passed to PTR_ERR()

Commit Message

Yang Yingliang Jan. 19, 2023, 7:51 a.m. UTC

It should be 'chain' passed to PTR_ERR() in the error path
after calling nft_chain_lookup() in nf_tables_delrule().

Fixes: f80a612dd77c ("netfilter: nf_tables: add support to destroy operation")
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
---
 net/netfilter/nf_tables_api.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Simon Horman Jan. 22, 2023, 4:12 p.m. UTC | #1

On Thu, Jan 19, 2023 at 03:51:25PM +0800, Yang Yingliang wrote:
> It should be 'chain' passed to PTR_ERR() in the error path
> after calling nft_chain_lookup() in nf_tables_delrule().
> 
> Fixes: f80a612dd77c ("netfilter: nf_tables: add support to destroy operation")
> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

Reviewed-by: Simon Horman <simon.horman@corigine.com>

Fernando F. Mancera Jan. 24, 2023, 1:16 p.m. UTC | #2

On 19/01/2023 08:51, Yang Yingliang wrote:
> It should be 'chain' passed to PTR_ERR() in the error path
> after calling nft_chain_lookup() in nf_tables_delrule().
> 
> Fixes: f80a612dd77c ("netfilter: nf_tables: add support to destroy operation")
> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
> ---
>   net/netfilter/nf_tables_api.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> index 974b95dece1d..10264e98978b 100644
> --- a/net/netfilter/nf_tables_api.c
> +++ b/net/netfilter/nf_tables_api.c
> @@ -3724,7 +3724,7 @@ static int nf_tables_delrule(struct sk_buff *skb, const struct nfnl_info *info,
>   		chain = nft_chain_lookup(net, table, nla[NFTA_RULE_CHAIN],
>   					 genmask);
>   		if (IS_ERR(chain)) {
> -			if (PTR_ERR(rule) == -ENOENT &&
> +			if (PTR_ERR(chain) == -ENOENT &&
>   			    NFNL_MSG_TYPE(info->nlh->nlmsg_type) == NFT_MSG_DESTROYRULE)
>   				return 0;
>   

Acked-by: Fernando Fernandez Mancera <ffmancera@riseup.net>

Pablo Neira Ayuso Feb. 1, 2023, 11:17 a.m. UTC | #3

On Tue, Jan 24, 2023 at 02:16:55PM +0100, Fernando F. Mancera wrote:
> 
> 
> On 19/01/2023 08:51, Yang Yingliang wrote:
> > It should be 'chain' passed to PTR_ERR() in the error path
> > after calling nft_chain_lookup() in nf_tables_delrule().
> > 
> > Fixes: f80a612dd77c ("netfilter: nf_tables: add support to destroy operation")
> > Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
> > ---
> >   net/netfilter/nf_tables_api.c | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> > index 974b95dece1d..10264e98978b 100644
> > --- a/net/netfilter/nf_tables_api.c
> > +++ b/net/netfilter/nf_tables_api.c
> > @@ -3724,7 +3724,7 @@ static int nf_tables_delrule(struct sk_buff *skb, const struct nfnl_info *info,
> >   		chain = nft_chain_lookup(net, table, nla[NFTA_RULE_CHAIN],
> >   					 genmask);
> >   		if (IS_ERR(chain)) {
> > -			if (PTR_ERR(rule) == -ENOENT &&
> > +			if (PTR_ERR(chain) == -ENOENT &&
> >   			    NFNL_MSG_TYPE(info->nlh->nlmsg_type) == NFT_MSG_DESTROYRULE)
> >   				return 0;
> 
> Acked-by: Fernando Fernandez Mancera <ffmancera@riseup.net>

Applied, thanks

Patch

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 974b95dece1d..10264e98978b 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3724,7 +3724,7 @@  static int nf_tables_delrule(struct sk_buff *skb, const struct nfnl_info *info,
 		chain = nft_chain_lookup(net, table, nla[NFTA_RULE_CHAIN],
 					 genmask);
 		if (IS_ERR(chain)) {
-			if (PTR_ERR(rule) == -ENOENT &&
+			if (PTR_ERR(chain) == -ENOENT &&
 			    NFNL_MSG_TYPE(info->nlh->nlmsg_type) == NFT_MSG_DESTROYRULE)
 				return 0;