Skip to content
Commit 399a14ec authored by Florian Westphal's avatar Florian Westphal Committed by Jakub Kicinski
Browse files

netfilter: nf_tables: fix crash when nf_trace is enabled 



do not access info->pkt when info->trace is not 1.
nft_traceinfo is not initialized, except when tracing is enabled.

The 'nft_trace_enabled' static key cannot be used for this, we must
always check info->trace first.

Pass nft_pktinfo directly to avoid this.

Fixes: e34b9ed9 ("netfilter: nf_tables: avoid skb access on nf_stolen")
Reported-by: default avatarHangbin Liu <liuhangbin@gmail.com>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent 2e64fe46
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment