On Tue, Sep 06, 2016 at 04:51:17PM +0200, Florian Westphal wrote:
> f...@ikuai8.com wrote:
> > From: Gao Feng
> >
> > When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj
> > extension. But the function nf_ct_seqadj_init doesn't check if get
inline
On Tue, Sep 6, 2016 at 10:51 PM, Florian Westphal wrote:
> f...@ikuai8.com wrote:
>> From: Gao Feng
>>
>> When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj
>> extension. But the function nf_ct_seqadj_init doesn't
f...@ikuai8.com wrote:
> From: Gao Feng
>
> When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj
> extension. But the function nf_ct_seqadj_init doesn't check if get valid
> seqadj pointer by the nfct_seqadj.
>
> Now drop the packet
From: Gao Feng
When memory is exhausted, nfct_seqadj_ext_add may fail to add the seqadj
extension. But the function nf_ct_seqadj_init doesn't check if get valid
seqadj pointer by the nfct_seqadj.
Now drop the packet directly when fail to add seqadj extension to avoid