]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 157134d) | patch
netfilter: nftables: avoid potential overflows on 32bit arches
authorEric Dumazet <edumazet@google.com>
Thu, 6 May 2021 12:53:50 +0000 (05:53 -0700)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 7 May 2021 08:01:39 +0000 (10:01 +0200)
commit5db12b161a0d2cf877a9a23a801c17bec5265c92
tree1a14a9f80a7ed0347b7f1a7f3c51b12d5404f4e1tree | snapshot
parent157134d6163f60403ede4635047fe32315437adacommit | diff
netfilter: nftables: avoid potential overflows on 32bit arches

User space could ask for very large hash tables, we need to make sure
our size computations wont overflow.

nf_tables_newset() needs to double check the u64 size
will fit into size_t field.

Fixes: 2bb0f9ae81e6 ("netfilter: nf_tables: rename set implementations")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nft_set_hash.c diff | blob | history
Linux Kernel Source Tree.