]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9dbd817) | patch
net_sched: fix a NULL pointer deref in ipt action
authorCong Wang <xiyou.wangcong@gmail.com>
Sun, 25 Aug 2019 17:01:32 +0000 (10:01 -0700)
committerKhalid Elmously <khalid.elmously@canonical.com>
Thu, 26 Sep 2019 04:34:52 +0000 (00:34 -0400)
commit8f4d0354582df8ce33adc47f4b74adceb175d52c
tree82ec1c6897fff3c109b980254cd383d2aa193730tree
parent9dbd817dc5fd939e6a539a1767cb808455d35cb0commit | diff
net_sched: fix a NULL pointer deref in ipt action

BugLink: https://bugs.launchpad.net/bugs/1843463
[ Upstream commit 981471bd3abf4d572097645d765391533aac327d ]

The net pointer in struct xt_tgdtor_param is not explicitly
initialized therefore is still NULL when dereferencing it.
So we have to find a way to pass the correct net pointer to
ipt_destroy_target().

The best way I find is just saving the net pointer inside the per
netns struct tcf_idrinfo, which could make this patch smaller.

Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset")
Reported-and-tested-by: itugrok@yahoo.com
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
17 files changed:
include/net/act_api.h diff | blob | blame | history
net/sched/act_bpf.c diff | blob | blame | history
net/sched/act_connmark.c diff | blob | blame | history
net/sched/act_csum.c diff | blob | blame | history
net/sched/act_gact.c diff | blob | blame | history
net/sched/act_ife.c diff | blob | blame | history
net/sched/act_ipt.c diff | blob | blame | history
net/sched/act_mirred.c diff | blob | blame | history
net/sched/act_nat.c diff | blob | blame | history
net/sched/act_pedit.c diff | blob | blame | history
net/sched/act_police.c diff | blob | blame | history
net/sched/act_sample.c diff | blob | blame | history
net/sched/act_simple.c diff | blob | blame | history
net/sched/act_skbedit.c diff | blob | blame | history
net/sched/act_skbmod.c diff | blob | blame | history
net/sched/act_tunnel_key.c diff | blob | blame | history
net/sched/act_vlan.c diff | blob | blame | history
ubuntu-bionic-kernel mirror