From: Andrew S. Johnson Date: Sun, 28 Feb 2021 14:54:56 +0000 (+0100) Subject: xt_pknock: cure NULL dereference X-Git-Tag: v3.17~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=42a9b5c6c325231af3f14ba2ad9c28d4f1a8bbd7;p=thirdparty%2Fxtables-addons.git xt_pknock: cure NULL dereference The original patch for long division on x86 didn't take into account the use of short circuit logic for checking if peer is NULL before testing it. Here is a revised patch to v3.16.
---
diff --git a/extensions/pknock/xt_pknock.c b/extensions/pknock/xt_pknock.c
index 8fc3358..4e8ab2d 100644
--- a/extensions/pknock/xt_pknock.c
+++ b/extensions/pknock/xt_pknock.c
@@ -311,9 +311,13 @@ static void update_rule_gc_timer(struct xt_pknock_rule *rule)
 static inline bool
 autoclose_time_passed(const struct peer *peer, unsigned int autoclose_time)
 {
- unsigned long x = ktime_get_seconds();
- unsigned long y = peer->login_sec + autoclose_time * 60;
- return peer != NULL && autoclose_time != 0 && time_after(x, y);
+ if (peer != NULL) {
+ unsigned long x = ktime_get_seconds();
+ unsigned long y = peer->login_sec + autoclose_time * 60;
+ return autoclose_time != 0 && time_after(x, y);
+ } else {
+ return 0;
+ }
 }

 /**
@@ -335,8 +339,12 @@ is_interknock_time_exceeded(const struct peer *peer, unsigned int max_time)
 static inline bool
 has_logged_during_this_minute(const struct peer *peer)
 {
- unsigned long x = ktime_get_seconds(), y = peer->login_sec;
- return peer != NULL && do_div(y, 60) == do_div(x, 60);
+ if (peer != NULL) {
+ unsigned long x = ktime_get_seconds(), y = peer->login_sec;
+ return do_div(y, 60) == do_div(x, 60);
+ } else {
+ return 0;
+ }
 }

 /**
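Review bot: In autoclose_time_passed, `autoclose_time * 60` is evaluated in unsigned int before it is added to `peer->login_sec`, so a very large configured value wraps and the computed deadline lands earlier than the rule asked for. Whether the option parser bounds the value is not visible in this hunk, so either the bound should be enforced where the rule is checked or the deadline should be computed in a 64-bit type. The NULL test would also read more directly as a guard, `if (peer == NULL || autoclose_time == 0) return false;`, which removes the else branch and returns a bool literal instead of `0`.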
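Review bot: In has_logged_during_this_minute, `do_div(y, 60) == do_div(x, 60)` compares remainders rather than minutes, because do_div() writes the quotient back into its first argument and returns the remainder. The test is therefore true whenever the two timestamps share the same second-within-the-minute, and false for most logins that really fall in the same minute. If callers use this to refuse a repeated knock inside one minute (the call sites are not shown here), the check does not give that guarantee. do_div() also expects a 64-bit lvalue while x and y are `unsigned long`; declaring them `u64` and writing `return div_u64(x, 60) == div_u64(y, 60);` compares the quotients on both 32-bit and 64-bit builds.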