]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 356fb85) | patch
netfilter: nfnetlink_hook: fix array index out-of-bounds error
authorColin Ian King <colin.king@canonical.com>
Tue, 8 Jun 2021 15:34:08 +0000 (16:34 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 9 Jun 2021 19:28:50 +0000 (21:28 +0200)
commit75c02aa133bb6c72eb3b14e534175f789c9aa6ed
treec67606d85188f76a34746f25fe94f3f6697f39a4tree | snapshot
parent356fb85f08ade50a93550cf34edda748bc45f003commit | diff
netfilter: nfnetlink_hook: fix array index out-of-bounds error

Currently the array net->nf.hooks_ipv6 is accessed by index hook
before hook is sanity checked. Fix this by moving the sanity check
to before the array access.

Addresses-Coverity: ("Out-of-bounds access")
Fixes: 4d45a1287f09 ("netfilter: add new hook nfnl subsystem")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nfnetlink_hook.c diff | blob | history
Linux Kernel Source Tree.