[NETFILTER]: Don't assign new helper after NAT when there are already expectations...

Tracked down by Raivis Bucis <raivis@mt.lv>

This patch fixes an oops while listing /proc/net/ip_conntrack.

When a helper sets up expectations based on the first packet (tftp),
NAT can still change the packet and cause conntrack to look for a new helper
based on the new tuple. When no helper is found, expectant->helper will be
NULL, which leads to an oops in print_expect().

Only assign a new helper in ip_conntrack_alter_reply() if there are no
expectations.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@redhat.com>

diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 50a467898671cc3f9a96eaafda8723c6af73575e..b79afaf452a9736a99b38ddc23a4c40347e0383f 100644 (file)
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -1127,10 +1127,8 @@ int ip_conntrack_alter_reply(struct ip_conntrack *conntrack,
        DUMP_TUPLE(newreply);
 
        conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *newreply;
-       if (!conntrack->master)
-               conntrack->helper = LIST_FIND(&helpers, helper_cmp,
-                                             struct ip_conntrack_helper *,
-                                             newreply);
+       if (!conntrack->master && list_empty(&conntrack->sibling_list))
+               conntrack->helper = ip_ct_find_helper(newreply);
        WRITE_UNLOCK(&ip_conntrack_lock);
 
        return 1;