netfilter: nft_nat: don't dump port information if unset

Don't include port information attributes if they are unset. Reported-by: Ana Rey <anarey@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2014-06-13 13:45:38 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-06-16 13:08:14 +0200
commit: 915136065b7ca75af4cae06281e4dc43926edbfe (patch)
tree: a7ac3f16f90b58a14900846a80fa3d28ebc01eeb /net
parent: 6403d96254c7c44fdfa163248b1198c714c65f6a (diff)
download: linux-915136065b7ca75af4cae06281e4dc43926edbfe.tar.gz
1 files changed, 8 insertions, 6 deletions
diff --git a/net/netfilter/nft_nat.c b/net/netfilter/nft_nat.c
index a0195d28bcfc..79ff58cd36dc 100644
--- a/net/netfilter/nft_nat.c
+++ b/net/netfilter/nft_nat.c
@@ -175,12 +175,14 @@ static int nft_nat_dump(struct sk_buff *skb, const struct nft_expr *expr)
 	if (nla_put_be32(skb,
 			 NFTA_NAT_REG_ADDR_MAX, htonl(priv->sreg_addr_max)))
 		goto nla_put_failure;
-	if (nla_put_be32(skb,
-			 NFTA_NAT_REG_PROTO_MIN, htonl(priv->sreg_proto_min)))
-		goto nla_put_failure;
-	if (nla_put_be32(skb,
-			 NFTA_NAT_REG_PROTO_MAX, htonl(priv->sreg_proto_max)))
-		goto nla_put_failure;
+	if (priv->sreg_proto_min) {
+		if (nla_put_be32(skb, NFTA_NAT_REG_PROTO_MIN,
+				 htonl(priv->sreg_proto_min)))
+			goto nla_put_failure;
+		if (nla_put_be32(skb, NFTA_NAT_REG_PROTO_MAX,
+				 htonl(priv->sreg_proto_max)))
+			goto nla_put_failure;
+	}
 	return 0;
 
 nla_put_failure:
author	Pablo Neira Ayuso <pablo@netfilter.org>	2014-06-13 13:45:38 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-06-16 13:08:14 +0200
commit	915136065b7ca75af4cae06281e4dc43926edbfe (patch)
tree	a7ac3f16f90b58a14900846a80fa3d28ebc01eeb /net
parent	6403d96254c7c44fdfa163248b1198c714c65f6a (diff)
download	linux-915136065b7ca75af4cae06281e4dc43926edbfe.tar.gz