git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit - net/netfilter/nft_ct.c

projects / mirror_ubuntu-bionic-kernel.git / commit

author	Patrick McHardy <kaber@trash.net>
	Sat, 11 Apr 2015 01:27:26 +0000 (02:27 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 13 Apr 2015 14:25:49 +0000 (16:25 +0200)
commit	45d9bcda21f4c13be75e3571b0f0ef39e77934b5
tree	54312412f1a9253360db901877e8b51991777562	tree
parent	e60a9de49c3744aa44128eaaed3aca965911ca2e	commit \| diff

netfilter: nf_tables: validate len in nft_validate_data_load()

For values spanning multiple registers, we need to validate that enough
space is available from the destination register onwards. Add a len
argument to nft_validate_data_load() and consolidate the existing length
validations in preparation of that.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

ubuntu-bionic-kernel mirror

RSS Atom

include/net/netfilter/nf_tables.h		diff \| blob \| blame \| history
net/bridge/netfilter/nft_meta_bridge.c		diff \| blob \| blame \| history
net/netfilter/nf_tables_api.c		diff \| blob \| blame \| history
net/netfilter/nft_bitwise.c		diff \| blob \| blame \| history
net/netfilter/nft_byteorder.c		diff \| blob \| blame \| history
net/netfilter/nft_ct.c		diff \| blob \| blame \| history
net/netfilter/nft_exthdr.c		diff \| blob \| blame \| history
net/netfilter/nft_immediate.c		diff \| blob \| blame \| history
net/netfilter/nft_meta.c		diff \| blob \| blame \| history
net/netfilter/nft_payload.c		diff \| blob \| blame \| history