Commit e603ea4b authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso

netfilter: nf_tables: missing attribute validation in nf_tables_delflowtable()

Return -EINVAL is mandatory attributes are missing.
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 32fc7187
...@@ -5161,6 +5161,11 @@ static int nf_tables_delflowtable(struct net *net, struct sock *nlsk, ...@@ -5161,6 +5161,11 @@ static int nf_tables_delflowtable(struct net *net, struct sock *nlsk,
struct nft_table *table; struct nft_table *table;
struct nft_ctx ctx; struct nft_ctx ctx;
if (!nla[NFTA_FLOWTABLE_TABLE] ||
(!nla[NFTA_FLOWTABLE_NAME] &&
!nla[NFTA_FLOWTABLE_HANDLE]))
return -EINVAL;
table = nf_tables_table_lookup(net, nla[NFTA_FLOWTABLE_TABLE], table = nf_tables_table_lookup(net, nla[NFTA_FLOWTABLE_TABLE],
family, genmask); family, genmask);
if (IS_ERR(table)) if (IS_ERR(table))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment