aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2006-07-24 22:52:10 -0700
committerDavid S. Miller <davem@davemloft.net>2006-07-24 22:52:10 -0700
commit083edca05ab1fa6efac1ba414018f7f45a4a83ff (patch)
treed135d53781c13afb23dcfe8576e37edff2224406
parentb4e54de8d34afe7fcf08bfe91070d9dfeae6ed27 (diff)
downloadkernel_samsung_espresso10-083edca05ab1fa6efac1ba414018f7f45a4a83ff.zip
kernel_samsung_espresso10-083edca05ab1fa6efac1ba414018f7f45a4a83ff.tar.gz
kernel_samsung_espresso10-083edca05ab1fa6efac1ba414018f7f45a4a83ff.tar.bz2
[NETFILTER]: H.323 helper: fix possible NULL-ptr dereference
An RCF message containing a timeout results in a NULL-ptr dereference if no RRQ has been seen before. Noticed by the "SATURN tool", reported by Thomas Dillig <tdillig@stanford.edu> and Isil Dillig <isil@stanford.edu>. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/netfilter/ip_conntrack_helper_h323.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_h323.c b/net/ipv4/netfilter/ip_conntrack_helper_h323.c
index af35235..9a39e29 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_h323.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_h323.c
@@ -1200,7 +1200,7 @@ static struct ip_conntrack_expect *find_expect(struct ip_conntrack *ct,
tuple.dst.protonum = IPPROTO_TCP;
exp = __ip_conntrack_expect_find(&tuple);
- if (exp->master == ct)
+ if (exp && exp->master == ct)
return exp;
return NULL;
}