Re: [patch 13/23] [PATCH] [NETFILTER] ctnetlink: Fix oops when no ICMP ID info in message

From: Harald Welte
Date: Wed Nov 23 2005 - 01:59:11 EST

On Wed, Nov 23, 2005 at 12:31:55AM +0100, Krzysztof Oledzki wrote:
> On Tue, 22 Nov 2005, Chris Wright wrote:
> >-stable review patch. If anyone has any objections, please let us know.
> It seems we have two different patches here.

yes, it seems like two independent patches slipped into the one patch
that was submitted. I detected that error for mainline, but forgot that
the same patch was submitted for stable.

So the first part (as pointed out by Krzyzstof) is not a bugfix, but a
cosmetic fix.

I therefore request reverting this patch '13', and instead applying the version
below, the one that contains only the real fix (as indicated in the

Sorry once again.

[NETFILTER] ctnetlink: Fix oops when no ICMP ID info in message

This patch fixes an userspace triggered oops. If there is no ICMP_ID
info the reference to attr will be NULL.

Signed-off-by: Krzysztof Piotr Oledzki <ole@xxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Signed-off-by: Harald Welte <laforge@xxxxxxxxxxxxx>

commit 922474105255d7791128688c8e60bb27a8eadf1d
tree b072448bfe0b79058b03ed798a1145ad1a7c6397
parent 723cb15b48e5510094296a9fc240d69a3acae95c
author Krzysztof Piotr Oledzki <ole@xxxxxx> Tue, 15 Nov 2005 12:16:43 +0100
committer Harald Welte <laforge@xxxxxxxxxxxxx> Tue, 15 Nov 2005 12:16:43 +0100

net/ipv4/netfilter/ip_conntrack_proto_icmp.c | 13 +++++++------
1 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
--- a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
@@ -296,7 +296,8 @@ static int icmp_nfattr_to_tuple(struct n
struct ip_conntrack_tuple *tuple)
- || !tb[CTA_PROTO_ICMP_CODE-1])
+ || !tb[CTA_PROTO_ICMP_ID-1])
return -1;

tuple->dst.u.icmp.type =
- Harald Welte <laforge@xxxxxxxxxxxxx>
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie

Attachment: pgp00000.pgp
Description: PGP signature