]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
netfilter: nft_nat: insufficient attribute validation
authorPablo Neira Ayuso <pablo@netfilter.org>
Wed, 15 Oct 2014 22:16:57 +0000 (00:16 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sat, 18 Oct 2014 12:16:11 +0000 (14:16 +0200)
commit5c819a39753d6a3ae9c0092236f59730a369b619
treec980ff48d390d3bd6199d786248afe0b24372d3d
parentf3f5ddeddd6aeadcef523d55ea9288e3d5c1cbc3
netfilter: nft_nat: insufficient attribute validation

We have to validate that we at least get an NFTA_NAT_REG_ADDR_MIN or
NFTA_NFT_REG_PROTO_MIN attribute. Reject the configuration if none
of them are present.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_nat.c