]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 559d723) | patch
netfilter: nf_tables: validate len in nft_validate_data_load()
authorPatrick McHardy <kaber@trash.net>
Sat, 11 Apr 2015 01:27:26 +0000 (02:27 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 13 Apr 2015 14:25:49 +0000 (16:25 +0200)
commit7d9b4cc54164f0b0d2bc38660ab1e13e38101ae6
tree54312412f1a9253360db901877e8b51991777562tree | snapshot
parent559d723ea77a1f53fffaa5a77b9b0d6328a115b9commit | diff
netfilter: nf_tables: validate len in nft_validate_data_load()

For values spanning multiple registers, we need to validate that enough
space is available from the destination register onwards. Add a len
argument to nft_validate_data_load() and consolidate the existing length
validations in preparation of that.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/netfilter/nf_tables.h diff | blob | history
net/bridge/netfilter/nft_meta_bridge.c diff | blob | history
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nft_bitwise.c diff | blob | history
net/netfilter/nft_byteorder.c diff | blob | history
net/netfilter/nft_ct.c diff | blob | history
net/netfilter/nft_exthdr.c diff | blob | history
net/netfilter/nft_immediate.c diff | blob | history
net/netfilter/nft_meta.c diff | blob | history
net/netfilter/nft_payload.c diff | blob | history
Linux Kernel Source Tree.