netfilter: nft_range: add the missing NULL pointer check

Otherwise, kernel panic will happen if the user does not specify
the related attributes.

Fixes: 0f3cd9b36977 ("netfilter: nf_tables: add range expression")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nft_range.c b/net/netfilter/nft_range.c
index fbc8800..8f0aaae 100644 (file)
--- a/net/netfilter/nft_range.c
+++ b/net/netfilter/nft_range.c
@@ -59,6 +59,12 @@ static int nft_range_init(const struct nft_ctx *ctx, const struct nft_expr *expr
        int err;
        u32 op;
 
+       if (!tb[NFTA_RANGE_SREG]      ||
+           !tb[NFTA_RANGE_OP]        ||
+           !tb[NFTA_RANGE_FROM_DATA] ||
+           !tb[NFTA_RANGE_TO_DATA])
+               return -EINVAL;
+
        err = nft_data_init(NULL, &priv->data_from, sizeof(priv->data_from),
                            &desc_from, tb[NFTA_RANGE_FROM_DATA]);
        if (err < 0)