From: Patrick McHardy <kaber@trash.net>
Date: Wed, 5 Feb 2014 15:03:35 +0000 (+0000)
Subject: netfilter: nf_tables: fix potential oops when dumping sets
X-Git-Tag: v3.14-rc3~36^2~28^2~10
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ec2c9935688fbd5eaa7c975e3e21562c3da77363;p=pandora-kernel.git

netfilter: nf_tables: fix potential oops when dumping sets

Commit c9c8e48597 (netfilter: nf_tables: dump sets in all existing families)
changed nft_ctx_init_from_setattr() to only look up the address family if it
is not NFPROTO_UNSPEC. However if it is NFPROTO_UNSPEC and a table attribute
is given, nftables_afinfo_lookup() will dereference the NULL afi pointer.

Fix by checking for non-NULL afi and also move a check added by that commit
to the proper position.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

Reading git-diff-tree failed