netfilter/ct: fix calling nfnl_*_put() on uninitialized memory after nfnlmsg_*_parse()

nfnlmsg_*_parse() does not assign *result on error. So this will lead to freeing a dangling pointer. Error found by coverity. Acked-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Thomas Haller <thaller@redhat.com>
author: Thomas Haller <thaller@redhat.com> 2014-06-10 16:06:37 (GMT)
committer: Thomas Haller <thaller@redhat.com> 2014-06-10 19:45:52 (GMT)
commit: 90cfeeecac148ca58b066a9c5384cba80ebc3cbb (patch)
tree: dddd474c7702380ade9e6ad31b2e5d81b56cf549 /lib/netfilter
parent: d7a9e74f82d136d1e3fa4e174e8b7ba9595ec9a9 (diff)
download: libnl-90cfeeecac148ca58b066a9c5384cba80ebc3cbb.zip
libnl-90cfeeecac148ca58b066a9c5384cba80ebc3cbb.tar.gz
libnl-90cfeeecac148ca58b066a9c5384cba80ebc3cbb.tar.bz2
4 files changed, 4 insertions, 8 deletions
diff --git a/lib/netfilter/ct.c b/lib/netfilter/ct.c
index 04f9d01..36a83db 100644
--- a/lib/netfilter/ct.c
+++ b/lib/netfilter/ct.c
@@ -414,10 +414,9 @@ static int ct_msg_parser(struct nl_cache_ops *ops, struct sockaddr_nl *who,
 	int err;
 
 	if ((err = nfnlmsg_ct_parse(nlh, &ct)) < 0)
-		goto errout;
+		return err;
 
 	err = pp->pp_cb((struct nl_object *) ct, pp);
-errout:
 	nfnl_ct_put(ct);
 	return err;
 }
diff --git a/lib/netfilter/exp.c b/lib/netfilter/exp.c
index 86ed8d1..9cfdd2b 100644
--- a/lib/netfilter/exp.c
+++ b/lib/netfilter/exp.c
@@ -298,10 +298,9 @@ static int exp_msg_parser(struct nl_cache_ops *ops, struct sockaddr_nl *who,
 	int err;
 
 	if ((err = nfnlmsg_exp_parse(nlh, &exp)) < 0)
-		goto errout;
+		return err;
 
 	err = pp->pp_cb((struct nl_object *) exp, pp);
-errout:
 	nfnl_exp_put(exp);
 	return err;
 }
diff --git a/lib/netfilter/log_msg.c b/lib/netfilter/log_msg.c
index 6e09da2..5ffdaf8 100644
--- a/lib/netfilter/log_msg.c
+++ b/lib/netfilter/log_msg.c
@@ -174,10 +174,9 @@ static int log_msg_parser(struct nl_cache_ops *ops, struct sockaddr_nl *who,
 	int err;
 
 	if ((err = nfnlmsg_log_msg_parse(nlh, &msg)) < 0)
-		goto errout;
+		return err;
 
 	err = pp->pp_cb((struct nl_object *) msg, pp);
-errout:
 	nfnl_log_msg_put(msg);
 	return err;
 }
diff --git a/lib/netfilter/queue_msg.c b/lib/netfilter/queue_msg.c
index 1425577..3388923 100644
--- a/lib/netfilter/queue_msg.c
+++ b/lib/netfilter/queue_msg.c
@@ -153,10 +153,9 @@ static int queue_msg_parser(struct nl_cache_ops *ops, struct sockaddr_nl *who,
 	int err;
 
 	if ((err = nfnlmsg_queue_msg_parse(nlh, &msg)) < 0)
-		goto errout;
+		return err;
 
 	err = pp->pp_cb((struct nl_object *) msg, pp);
-errout:
 	nfnl_queue_msg_put(msg);
 	return err;
 }
author	Thomas Haller <thaller@redhat.com>	2014-06-10 16:06:37 (GMT)
committer	Thomas Haller <thaller@redhat.com>	2014-06-10 19:45:52 (GMT)
commit	90cfeeecac148ca58b066a9c5384cba80ebc3cbb (patch)
tree	dddd474c7702380ade9e6ad31b2e5d81b56cf549 /lib/netfilter
parent	d7a9e74f82d136d1e3fa4e174e8b7ba9595ec9a9 (diff)
download	libnl-90cfeeecac148ca58b066a9c5384cba80ebc3cbb.zip libnl-90cfeeecac148ca58b066a9c5384cba80ebc3cbb.tar.gz libnl-90cfeeecac148ca58b066a9c5384cba80ebc3cbb.tar.bz2