Received: by 10.223.176.5 with SMTP id f5csp801800wra;
        Sat, 3 Feb 2018 10:36:14 -0800 (PST)
X-Google-Smtp-Source: AH8x226vuT3ygyvVTeg2g6s/sGX0spMwjqsJDsGzbwKW7UdGWF5i5T1q8Dv1oEDPMdBIyeYKZyD8
X-Received: by 2002:a17:902:9342:: with SMTP id g2-v6mr38611229plp.34.1517682974801;
        Sat, 03 Feb 2018 10:36:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517682974; cv=none;
        d=google.com; s=arc-20160816;
        b=Z45CtFrXIQjJInBol1uJk0BHdCYKzz1gTDWZC3GAwbMF4EK4Gl/IIltc2rEXXqRxi0
         LL6vUkkGn9rcHdR9tBJsShGSmNZqOYdtqhU2vVqFoaljxyqndKWhJgzFeF6sl2/OTciH
         ue1FA6bGJDram1TH12e181zjwMNyNwciMq9LOBs/JzJBbHa1rOejXkMVlVyhSEU9/xpY
         jnHvSfLsM6c+DfIzQ1mPoR/NUWB9ds1XSfNA6F9+6gGXZhgWH5WuAhyufhmEFllQKEEl
         K0ciUSFSUmefaW3dg/3aSwXlIN6mMMQIz6u0sDMd+XA1EpxDTQ1nPyN8Wdr97dOjyN6V
         jkRQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:content-transfer-encoding
         :spamdiagnosticmetadata:spamdiagnosticoutput:content-language
         :accept-language:in-reply-to:references:message-id:date:thread-index
         :thread-topic:subject:cc:to:from:dkim-signature
         :arc-authentication-results;
        bh=sWsjgbcMlFZ458+B3FstuKkaXI6qNfiYqt7SM+DRCAI=;
        b=cb7gcrifx1C4Cd7ClmRYXxaYeEv5tRYEOAyCQnjzO0t3ADOW5oSXymaabI0KxSnEk2
         xc1I4740VOGrepRp0UveLhc+IAVvxJw0OLWW3/V8K3K/5EIAQdGlwe0UHh0H9wWaLuOa
         NB9qUvDSolntqOmFYA9hniL4bHSuenPKVAWFTcwho4EZAmFMUOdcDG0MmKg+iKEtzu3Q
         GQG+EbAJuiOjWElAaMyndwgLWQw2hqkyLGn+vJtriVxuhlGAfE4gihPKnm5bRGx2GfKs
         uXrp/4mQ2fSockNrH4pLyY3mS8DHhrqWLUv8VuusqlW8krfZYM+w3nBtkKwJyvNKJ5jO
         CLFA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@microsoft.com header.s=selector1 header.b=Cgm0CB1S;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g6si1425359pgs.673.2018.02.03.10.36.00;
        Sat, 03 Feb 2018 10:36:14 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@microsoft.com header.s=selector1 header.b=Cgm0CB1S;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754153AbeBCSe5 (ORCPT <rfc822;epopevad@gmail.com> + 99 others);
        Sat, 3 Feb 2018 13:34:57 -0500
Received: from mail-co1nam03on0092.outbound.protection.outlook.com ([104.47.40.92]:4928
        "EHLO NAM03-CO1-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1752400AbeBCSEV (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 3 Feb 2018 13:04:21 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=sWsjgbcMlFZ458+B3FstuKkaXI6qNfiYqt7SM+DRCAI=;
 b=Cgm0CB1StJQ+lqPh3O2jzTwR4pcPzJNvVR9NiJDHZVsMviDpg3ZR7Z6a/Bg25b6Dvk2adY7oBU8BI0qHVyzY6CY3P/AOdu550+Jeonnmk93Ay6RnVxGcc8jeK299++dJJV040/1vNn6OkQ13/XuIf2AlHd+glKqRVkZv+QRu0pQ=
Received: from BL0PR2101MB1027.namprd21.prod.outlook.com (52.132.20.161) by
 BL0PR2101MB1092.namprd21.prod.outlook.com (52.132.24.26) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.485.4; Sat, 3 Feb 2018 18:01:31 +0000
Received: from BL0PR2101MB1027.namprd21.prod.outlook.com
 ([fe80::a8da:b5d9:d710:9bf9]) by BL0PR2101MB1027.namprd21.prod.outlook.com
 ([fe80::a8da:b5d9:d710:9bf9%3]) with mapi id 15.20.0485.006; Sat, 3 Feb 2018
 18:01:31 +0000
From:   Sasha Levin <Alexander.Levin@microsoft.com>
To:     "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "stable@vger.kernel.org" <stable@vger.kernel.org>
CC:     Hangbin Liu <liuhangbin@gmail.com>,
        Pablo Neira Ayuso <pablo@netfilter.org>,
        Sasha Levin <Alexander.Levin@microsoft.com>
Subject: [PATCH AUTOSEL for 4.14 058/110] netfilter: nf_tables: fix potential
 NULL-ptr deref in nf_tables_dump_obj_done()
Thread-Topic: [PATCH AUTOSEL for 4.14 058/110] netfilter: nf_tables: fix
 potential NULL-ptr deref in nf_tables_dump_obj_done()
Thread-Index: AQHTnRjw66h77yRu60iAOM96oxXgVg==
Date:   Sat, 3 Feb 2018 18:00:56 +0000
Message-ID: <20180203180015.29073-58-alexander.levin@microsoft.com>
References: <20180203180015.29073-1-alexander.levin@microsoft.com>
In-Reply-To: <20180203180015.29073-1-alexander.levin@microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [52.168.54.252]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1;BL0PR2101MB1092;7:3cQF8y85l6XRQD1nJ1k7hJbLWVZnzItzQfILIWn3ETSIDWlqSG3hyRRvu1ndVLgdA/IVXNBrXStlDXGbSFeDjMYnr6w3yn9qJzrQK/+qNcZOkztwkWS6jxjboIB5cQZrfHmsArm7Dw9DuM35pg4a6dsOglibMCe/65O6l6BkzwfsCCYtNNU0dIyCg6Kn2yXF6XVU4mPVHciE3aVpuaDsjxYBYN8Ta9JvqXP29pmFPnDArWGsTmoRVB/2K/Ji5cR2
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: b8a4a913-a299-48bb-9317-08d56b3027bc
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7193020);SRVR:BL0PR2101MB1092;
x-ms-traffictypediagnostic: BL0PR2101MB1092:
x-microsoft-antispam-prvs: <BL0PR2101MB10926B74898C6EA4BD0249C8FBF80@BL0PR2101MB1092.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(89211679590171)(85827821059158);
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(61425038)(6040501)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231101)(2400082)(944501161)(6055026)(61426038)(61427038)(6041288)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011);SRVR:BL0PR2101MB1092;BCL:0;PCL:0;RULEID:;SRVR:BL0PR2101MB1092;
x-forefront-prvs: 05724A8921
x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(39860400002)(39380400002)(376002)(346002)(396003)(366004)(189003)(199004)(3280700002)(14454004)(3660700001)(105586002)(3846002)(6666003)(22452003)(6116002)(99286004)(305945005)(7736002)(2950100002)(66066001)(478600001)(54906003)(110136005)(68736007)(316002)(86362001)(106356001)(186003)(26005)(6506007)(76176011)(6346003)(10090500001)(102836004)(6436002)(4326008)(8936002)(2501003)(53936002)(86612001)(2900100001)(6486002)(2906002)(6512007)(25786009)(97736004)(72206003)(1076002)(107886003)(36756003)(5660300001)(5250100002)(39060400002)(8676002)(81156014)(81166006)(10290500003)(22906009)(217873001);DIR:OUT;SFP:1102;SCL:1;SRVR:BL0PR2101MB1092;H:BL0PR2101MB1027.namprd21.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate
 permitted sender hosts)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=Alexander.Levin@microsoft.com; 
x-microsoft-antispam-message-info: IQdmFwN7Ln/CqxZXUfGaZN4fDhRZ9c2qA1+W4/eYwD7a2Mpo7EyuEfARkPHx96yZHIZPIxnb7Pvgf1vfzo+Qug==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b8a4a913-a299-48bb-9317-08d56b3027bc
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Feb 2018 18:00:56.4565
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR2101MB1092
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Hangbin Liu <liuhangbin@gmail.com>

[ Upstream commit 8bea728dce8972e534e6b99fd550f7b5cc3864e8 ]

If there is no NFTA_OBJ_TABLE and NFTA_OBJ_TYPE, the c.data will be NULL in
nf_tables_getobj(). So before free filter->table in nf_tables_dump_obj_done=
(),
we need to check if filter is NULL first.

Fixes: e46abbcc05aa ("netfilter: nf_tables: Allow table names of up to 255 =
chars")
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
Acked-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
---
 net/netfilter/nf_tables_api.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index ce49946f755e..5b504aa653f5 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4596,8 +4596,10 @@ static int nf_tables_dump_obj_done(struct netlink_ca=
llback *cb)
 {
 	struct nft_obj_filter *filter =3D cb->data;
=20
-	kfree(filter->table);
-	kfree(filter);
+	if (filter) {
+		kfree(filter->table);
+		kfree(filter);
+	}
=20
 	return 0;
 }
--=20
2.11.0