From: Liping Zhang <liping.zhang@spreadtrum.com>
Date: Sat, 16 Jul 2016 11:39:53 +0000 (+0800)
Subject: extensions: libxt_connlabel: fix crash when connlabel.conf is empty
X-Git-Tag: v1.6.1~55
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ebca5a8151a05969ed18c060799e099c9a599b08;p=thirdparty%2Fiptables.git

extensions: libxt_connlabel: fix crash when connlabel.conf is empty

When connlabel.conf is empty, nfct_labelmap_new will return NULL and
set errno to 0. So we will miss to check this situation, and cause NULL
deference in nfct_labelmap_get_bit.

Input the following commands will reproduce this crash:
  # echo > /etc/xtables/connlabel.conf
  # iptables -A INPUT -m connlabel --label abc
  Segmentation fault (core dumped)

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c
index 1f830954..355c99ae 100644
--- a/extensions/libxt_connlabel.c
+++ b/extensions/libxt_connlabel.c
@@ -38,9 +38,16 @@ static void connlabel_open(void)
 		return;
 
 	map = nfct_labelmap_new(NULL);
-	if (!map && errno)
-		xtables_error(RESOURCE_PROBLEM, "cannot open connlabel.conf: %s\n",
-			strerror(errno));
+	if (map != NULL)
+		return;
+
+	if (errno) {
+		xtables_error(RESOURCE_PROBLEM,
+			"cannot open connlabel.conf: %s", strerror(errno));
+	} else {
+		xtables_error(RESOURCE_PROBLEM,
+			"cannot parse label, maybe valid label map is empty");
+	}
 }
 
 static void connlabel_mt_parse(struct xt_option_call *cb)