From 7bc416f1471686faa8030cd5338f6a5370e01b25 Mon Sep 17 00:00:00 2001 From: Lukas Bulwahn Date: Mon, 23 Aug 2021 22:27:29 +0200 Subject: [PATCH] netfilter: x_tables: handle xt_register_template() returning an error value Commit fdacd57c79b7 ("netfilter: x_tables: never register tables by default") introduces the function xt_register_template(), and in one case, a call to that function was missing the error-case handling. Handle when xt_register_template() returns an error value. This was identified with the clang-analyzer's Dead-Store analysis. Signed-off-by: Lukas Bulwahn Reviewed-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso --- net/ipv4/netfilter/iptable_mangle.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/ipv4/netfilter/iptable_mangle.c b/net/ipv4/netfilter/iptable_mangle.c index b52a4c8..40417a3 100644 --- a/net/ipv4/netfilter/iptable_mangle.c +++ b/net/ipv4/netfilter/iptable_mangle.c @@ -112,6 +112,8 @@ static int __init iptable_mangle_init(void) { int ret = xt_register_template(&packet_mangler, iptable_mangle_table_init); + if (ret < 0) + return ret; mangle_ops = xt_hook_ops_alloc(&packet_mangler, iptable_mangle_hook); if (IS_ERR(mangle_ops)) { -- 2.7.4