Return -EINVAL is mandatory attributes are missing.

Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
---
 net/netfilter/nf_tables_api.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 43acdeef045d..2b5aa78979db 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5161,6 +5161,11 @@ static int nf_tables_delflowtable(struct net *net, 
struct sock *nlsk,
        struct nft_table *table;
        struct nft_ctx ctx;
 
+       if (!nla[NFTA_FLOWTABLE_TABLE] ||
+           (!nla[NFTA_FLOWTABLE_NAME] &&
+            !nla[NFTA_FLOWTABLE_HANDLE]))
+               return -EINVAL;
+
        table = nf_tables_table_lookup(net, nla[NFTA_FLOWTABLE_TABLE],
                                       family, genmask);
        if (IS_ERR(table))
-- 
2.11.0

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to