]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ed646e9) | patch
netfilter: nft_range: validate operation netlink attribute
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 13 Oct 2016 06:42:17 +0000 (08:42 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 17 Oct 2016 16:57:02 +0000 (18:57 +0200)
commit0889ec8f958311cd5c0fccf5d05a6a2612df6e89
tree5288ff52b3888084f4462615a842e76c0d2302b3tree | snapshot
parented646e9c763b8e0c6de760b6e70cdcc09fdf10c6commit | diff
netfilter: nft_range: validate operation netlink attribute

Use nft_parse_u32_check() to make sure we don't get a value over the
unsigned 8-bit integer. Moreover, make sure this value doesn't go over
the two supported range comparison modes.

Fixes: 9286c2eb1fda ("netfilter: nft_range: validate operation netlink attribute")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_range.c diff | blob | history
Linux Kernel Source Tree.