netfilter: nft_ct: fix null pointer in ct expectations support

nf_ct_helper_ext_add may return null, which must then be checked.

Fixes: 857b46027d6f ("netfilter: nft_ct: add ct expectations support")
Reported-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Stéphane Veyret <sveyret@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 06b52c89457329f01f27a5ce81b9c8f65217e0f7..77dab1bdb3ca241119286e6cae00846ad4723422 100644 (file)
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -1232,6 +1232,10 @@ static void nft_ct_expect_obj_eval(struct nft_object *obj,
        help = nfct_help(ct);
        if (!help)
                help = nf_ct_helper_ext_add(ct, GFP_ATOMIC);
+       if (!help) {
+               regs->verdict.code = NF_DROP;
+               return;
+       }
 
        if (help->expecting[NF_CT_EXPECT_CLASS_DEFAULT] >= priv->size) {
                regs->verdict.code = NFT_BREAK;