netfilter: nft_flow_offload: reset dst in route object after setting up flow

dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow. Fixes: a3c90f7a2323 ("netfilter: nf_tables: flow offload expression") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2024-02-21 12:32:58 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2024-02-22 00:14:54 +0100
commit: 9e0f0430389be7696396c62f037be4bf72cf93e3 (patch)
tree: ffcb26915d29a51fd6e2c869072eb4abc7d89eb6 /include
parent: bccebf64701735533c8db37773eeacc6566cc8ec (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h
index 956c752ceb31..a763dd327c6e 100644
--- a/include/net/netfilter/nf_flow_table.h
+++ b/include/net/netfilter/nf_flow_table.h
@@ -276,7 +276,7 @@ nf_flow_table_offload_del_cb(struct nf_flowtable *flow_table,
 }
 
 void flow_offload_route_init(struct flow_offload *flow,
-			     const struct nf_flow_route *route);
+			     struct nf_flow_route *route);
 
 int flow_offload_add(struct nf_flowtable *flow_table, struct flow_offload *flow);
 void flow_offload_refresh(struct nf_flowtable *flow_table,
author	Pablo Neira Ayuso <pablo@netfilter.org>	2024-02-21 12:32:58 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2024-02-22 00:14:54 +0100
commit	9e0f0430389be7696396c62f037be4bf72cf93e3 (patch)
tree	ffcb26915d29a51fd6e2c869072eb4abc7d89eb6 /include
parent	bccebf64701735533c8db37773eeacc6566cc8ec (diff)