diff options
| author | David S. Miller <davem@davemloft.net> | 2012-04-01 20:40:20 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2012-04-02 04:33:43 -0400 |
| commit | d317e4f68f5445e536dbd45381e7c900a33413db (patch) | |
| tree | 7212db7295276d22e98d175e6699672f866b9b3d /net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | |
| parent | f3756b79e8f76cb92830383c215deba146fe0a26 (diff) | |
| download | linux-d317e4f68f5445e536dbd45381e7c900a33413db.tar.gz | |
netfilter: ipv4: Stop using NLA_PUT*().
These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c')
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index de9da21113a11..5c45e30cf7882 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c @@ -303,8 +303,9 @@ getorigdst(struct sock *sk, int optval, void __user *user, int *len) static int ipv4_tuple_to_nlattr(struct sk_buff *skb, const struct nf_conntrack_tuple *tuple) { - NLA_PUT_BE32(skb, CTA_IP_V4_SRC, tuple->src.u3.ip); - NLA_PUT_BE32(skb, CTA_IP_V4_DST, tuple->dst.u3.ip); + if (nla_put_be32(skb, CTA_IP_V4_SRC, tuple->src.u3.ip) || + nla_put_be32(skb, CTA_IP_V4_DST, tuple->dst.u3.ip)) + goto nla_put_failure; return 0; nla_put_failure: |