netfilter: nft_inner: fix IS_ERR() vs NULL check
authorDan Carpenter <error27@gmail.com>
Tue, 15 Nov 2022 13:26:07 +0000 (16:26 +0300)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 22 Nov 2022 21:29:54 +0000 (22:29 +0100)
The __nft_expr_type_get() function returns NULL on error.  It never
returns error pointers.

Fixes: 3a07327d10a0 ("netfilter: nft_inner: support for inner tunnel header matching")
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c

index 2fa52b8d5ce18a57cc66b2952db6d472e639e907..833850a4780fad68e7e4faf74b844a30d55556d4 100644 (file)
@@ -2873,8 +2873,8 @@ int nft_expr_inner_parse(const struct nft_ctx *ctx, const struct nlattr *nla,
                return -EINVAL;
 
        type = __nft_expr_type_get(ctx->family, tb[NFTA_EXPR_NAME]);
-       if (IS_ERR(type))
-               return PTR_ERR(type);
+       if (!type)
+               return -ENOENT;
 
        if (!type->inner_ops)
                return -EOPNOTSUPP;