tproxy: Add missing error checking when parsing from netlink

netlink_get_register() may return NULL and every other caller checks
that. Assuming this situation is not expected, just jump to 'err' label
without queueing an explicit error message.

Fixes: 2be1d52644cf7 ("src: Add tproxy support")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index f7d328a8369981cde7c64d66253f9de9716c0bb5..154353b8161a0be59c4615a7feb03accc7a29a51 100644 (file)
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1041,6 +1041,8 @@ static void netlink_parse_tproxy(struct netlink_parse_ctx *ctx,
        reg = netlink_parse_register(nle, NFTNL_EXPR_TPROXY_REG_ADDR);
        if (reg) {
                addr = netlink_get_register(ctx, loc, reg);
+               if (addr == NULL)
+                       goto err;
 
                switch (stmt->tproxy.family) {
                case NFPROTO_IPV4:
@@ -1060,6 +1062,8 @@ static void netlink_parse_tproxy(struct netlink_parse_ctx *ctx,
        reg = netlink_parse_register(nle, NFTNL_EXPR_TPROXY_REG_PORT);
        if (reg) {
                port = netlink_get_register(ctx, loc, reg);
+               if (port == NULL)
+                       goto err;
                expr_set_type(port, &inet_service_type, BYTEORDER_BIG_ENDIAN);
                stmt->tproxy.port = port;
        }