diff options
author | Pablo Neira Ayuso | 2019-12-06 22:25:55 +0100 |
---|---|---|
committer | Pablo Neira Ayuso | 2019-12-09 13:14:04 +0100 |
commit | fd57d0cbe187e93f63777d36e9f49293311d417f (patch) | |
tree | d51a0450ffdec9791e2e32e978801908b8eb3d19 | |
parent | 0d2c96af797ba149e559c5875c0151384ab6dd14 (diff) |
netfilter: nf_tables: skip module reference count bump on object updates
Use __nft_obj_type_get() instead, otherwise there is a module reference
counter leak.
Fixes: d62d0ba97b58 ("netfilter: nf_tables: Introduce stateful object update operation")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | net/netfilter/nf_tables_api.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 72a7816ba761..a8caf7386fa9 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -5484,7 +5484,7 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk, if (nlh->nlmsg_flags & NLM_F_REPLACE) return -EOPNOTSUPP; - type = nft_obj_type_get(net, objtype); + type = __nft_obj_type_get(objtype); nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla); return nf_tables_updobj(&ctx, type, nla[NFTA_OBJ_DATA], obj); |