summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLiping Zhang <zlpnobody@gmail.com>2017-03-15 15:22:08 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2017-03-15 17:15:54 +0100
commit4494dbc6dec37817f2cc2aa7604039a9e87ada18 (patch)
tree58c35e56d52fe2045a7ea014ea35ad0a9c101323
parentRevert "netfilter: nf_tables: add flush field to struct nft_set_iter" (diff)
downloadlinux-4494dbc6dec37817f2cc2aa7604039a9e87ada18.tar.xz
linux-4494dbc6dec37817f2cc2aa7604039a9e87ada18.zip
netfilter: nft_ct: do cleanup work when NFTA_CT_DIRECTION is invalid
We should jump to invoke __nft_ct_set_destroy() instead of just return error. Fixes: edee4f1e9245 ("netfilter: nft_ct: add zone id set support") Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Acked-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--net/netfilter/nft_ct.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 91585b5e5307..0264258c46fe 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -544,7 +544,8 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
case IP_CT_DIR_REPLY:
break;
default:
- return -EINVAL;
+ err = -EINVAL;
+ goto err1;
}
}