Fedora kernel-2.6.17-1.2142_FC4 patched with stable patch-2.6.17.4-vs2.0.2-rc26.diff

[linux-2.6.git] / net / ipv4 / netfilter / ip_nat_snmp_basic.c
diff --git a/net/ipv4/netfilter/ip_nat_snmp_basic.c b/net/ipv4/netfilter/ip_nat_snmp_basic.c

index 2a48b6e..c332442 100644 (file)
--- a/net/ipv4/netfilter/ip_nat_snmp_basic.c
+++ b/net/ipv4/netfilter/ip_nat_snmp_basic.c
@@ -44,6 +44,7 @@
   *
   */
  #include <linux/config.h>
+#include <linux/in.h>
  #include <linux/module.h>
  #include <linux/types.h>
  #include <linux/kernel.h>
@@ -53,6 +54,7 @@
  #include <linux/netfilter_ipv4/ip_conntrack_helper.h>
  #include <linux/netfilter_ipv4/ip_nat_helper.h>
  #include <linux/ip.h>
+#include <linux/udp.h>
  #include <net/checksum.h>
  #include <net/udp.h>
  #include <asm/uaccess.h>
@@ -248,6 +250,7 @@ static unsigned char asn1_header_decode(struct asn1_ctx *ctx,
         if (!asn1_id_decode(ctx, cls, con, tag))
                 return 0;
                 
+       def = len = 0;
         if (!asn1_length_decode(ctx, &def, &len))
                 return 0;
                 
@@ -667,7 +670,7 @@ static unsigned char snmp_object_decode(struct asn1_ctx *ctx,
         unsigned char *eoc, *end, *p;
         unsigned long *lp, *id;
         unsigned long ul;
-       long  l;
+       long l;
         
         *obj = NULL;
         id = NULL;
@@ -697,11 +700,13 @@ static unsigned char snmp_object_decode(struct asn1_ctx *ctx,
                 return 0;
         }
         
+       type = 0;
         if (!snmp_tag_cls2syntax(tag, cls, &type)) {
                 kfree(id);
                 return 0;
         }
         
+       l = 0;
         switch (type) {
                 case SNMP_INTEGER:
                         len = sizeof(long);
@@ -763,6 +768,7 @@ static unsigned char snmp_object_decode(struct asn1_ctx *ctx,
                         len *= sizeof(unsigned long);
                         *obj = kmalloc(sizeof(struct snmp_object) + len, GFP_ATOMIC);
                         if (*obj == NULL) {
+                               kfree(lp);
                                 kfree(id);
                                 if (net_ratelimit())
                                         printk("OOM in bsalg (%d)\n", __LINE__);
@@ -998,12 +1004,12 @@ static unsigned char snmp_trap_decode(struct asn1_ctx *ctx,
                 
         return 1;
  
+err_addr_free:
+       kfree((unsigned long *)trap->ip_address);
+
  err_id_free:
         kfree(trap->id);
  
-err_addr_free:
-       kfree((unsigned long *)trap->ip_address);
-       
         return 0;
  }
  
@@ -1121,11 +1127,10 @@ static int snmp_parse_mangle(unsigned char *msg,
                 struct snmp_v1_trap trap;
                 unsigned char ret = snmp_trap_decode(&ctx, &trap, map, check);
                 
-               /* Discard trap allocations regardless */
-               kfree(trap.id);
-               kfree((unsigned long *)trap.ip_address);
-               
-               if (!ret)
+               if (ret) {
+                       kfree(trap.id);
+                       kfree((unsigned long *)trap.ip_address);
+               } else 
                         return ret;
                 
         } else {
@@ -1161,8 +1166,7 @@ static int snmp_parse_mangle(unsigned char *msg,
                 
                 if (!snmp_object_decode(&ctx, obj)) {
                         if (*obj) {
-                               if ((*obj)->id)
-                                       kfree((*obj)->id);
+                               kfree((*obj)->id);
                                 kfree(*obj);
                         }       
                         kfree(obj);
@@ -1275,7 +1279,7 @@ static int help(struct sk_buff **pskb,
                  return NF_DROP;
         }
  
-       if (!skb_ip_make_writable(pskb, (*pskb)->len))
+       if (!skb_make_writable(pskb, (*pskb)->len))
                 return NF_DROP;
  
         spin_lock_bh(&snmp_lock);
@@ -1320,7 +1324,7 @@ static struct ip_conntrack_helper snmp_trap_helper = {
   *
   *****************************************************************************/
   
-static int __init init(void)
+static int __init ip_nat_snmp_basic_init(void)
  {
         int ret = 0;
  
@@ -1335,13 +1339,13 @@ static int __init init(void)
         return ret;
  }
  
-static void __exit fini(void)
+static void __exit ip_nat_snmp_basic_fini(void)
  {
         ip_conntrack_helper_unregister(&snmp_helper);
         ip_conntrack_helper_unregister(&snmp_trap_helper);
  }
  
-module_init(init);
-module_exit(fini);
+module_init(ip_nat_snmp_basic_init);
+module_exit(ip_nat_snmp_basic_fini);
  
  module_param(debug, bool, 0600);