[NETFILTER] NAT: Fix module refcount dropping too far
The unknown protocol is used as a fallback when a protocol isn't known. Hence we cannot handle it failing, so don't set ".me". It's OK, since we only grab a reference from within the same module (iptable_nat.ko), so we never take the module refcount from 0 to 1. Also, remove the "protocol is NULL" test: it's never NULL. Signed-off-by: Rusty Rusty <rusty@rustcorp.com.au> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
This commit is contained in:
parent
d811552eda
commit
d2a7bb7141
2 changed files with 3 additions and 5 deletions
|
@ -66,10 +66,8 @@ ip_nat_proto_find_get(u_int8_t protonum)
|
|||
* removed until we've grabbed the reference */
|
||||
preempt_disable();
|
||||
p = __ip_nat_proto_find(protonum);
|
||||
if (p) {
|
||||
if (!try_module_get(p->me))
|
||||
p = &ip_nat_unknown_protocol;
|
||||
}
|
||||
if (!try_module_get(p->me))
|
||||
p = &ip_nat_unknown_protocol;
|
||||
preempt_enable();
|
||||
|
||||
return p;
|
||||
|
|
|
@ -62,7 +62,7 @@ unknown_print_range(char *buffer, const struct ip_nat_range *range)
|
|||
|
||||
struct ip_nat_protocol ip_nat_unknown_protocol = {
|
||||
.name = "unknown",
|
||||
.me = THIS_MODULE,
|
||||
/* .me isn't set: getting a ref to this cannot fail. */
|
||||
.manip_pkt = unknown_manip_pkt,
|
||||
.in_range = unknown_in_range,
|
||||
.unique_tuple = unknown_unique_tuple,
|
||||
|
|
Loading…
Reference in a new issue