git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Kadlecsik József <kadlec@blackhole.kfki.hu>
	Sun, 19 Jan 2020 21:06:49 +0000 (22:06 +0100)
committer	Khalid Elmously <khalid.elmously@canonical.com>
	Fri, 6 Mar 2020 07:13:20 +0000 (02:13 -0500)
commit	21519b6b4cc9d0539864593de8356506b1fd5de6
tree	62bb5d390fb0abaaceb75aa24b968b00bafdb523	tree
parent	b2917089a9a6a92410337744e34199debd4d5f5d	commit \| diff

netfilter: ipset: use bitmap infrastructure completely

BugLink: https://bugs.launchpad.net/bugs/1864261
commit 32c72165dbd0e246e69d16a3ad348a4851afd415 upstream.

The bitmap allocation did not use full unsigned long sizes
when calculating the required size and that was triggered by KASAN
as slab-out-of-bounds read in several places. The patch fixes all
of them.

Reported-by: syzbot+fabca5cbf5e54f3fe2de@syzkaller.appspotmail.com
Reported-by: syzbot+827ced406c9a1d9570ed@syzkaller.appspotmail.com
Reported-by: syzbot+190d63957b22ef673ea5@syzkaller.appspotmail.com
Reported-by: syzbot+dfccdb2bdb4a12ad425e@syzkaller.appspotmail.com
Reported-by: syzbot+df0d0f5895ef1f41a65b@syzkaller.appspotmail.com
Reported-by: syzbot+b08bd19bb37513357fd4@syzkaller.appspotmail.com
Reported-by: syzbot+53cdd0ec0bbabd53370a@syzkaller.appspotmail.com
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

include/linux/netfilter/ipset/ip_set.h		diff \| blob \| blame \| history
net/netfilter/ipset/ip_set_bitmap_gen.h		diff \| blob \| blame \| history
net/netfilter/ipset/ip_set_bitmap_ip.c		diff \| blob \| blame \| history
net/netfilter/ipset/ip_set_bitmap_ipmac.c		diff \| blob \| blame \| history
net/netfilter/ipset/ip_set_bitmap_port.c		diff \| blob \| blame \| history