]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a54754e) | patch
netfilter: nftables: avoid potential overflows on 32bit arches
authorEric Dumazet <edumazet@google.com>
Thu, 6 May 2021 12:53:50 +0000 (05:53 -0700)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 7 May 2021 08:01:39 +0000 (10:01 +0200)
commit6c8774a94e6ad26f29ef103c8671f55c255c6201
tree1a14a9f80a7ed0347b7f1a7f3c51b12d5404f4e1tree | snapshot
parenta54754ec9891830ba548e2010c889e3c8146e449commit | diff
netfilter: nftables: avoid potential overflows on 32bit arches

User space could ask for very large hash tables, we need to make sure
our size computations wont overflow.

nf_tables_newset() needs to double check the u64 size
will fit into size_t field.

Fixes: 0ed6389c483d ("netfilter: nf_tables: rename set implementations")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nft_set_hash.c diff | blob | history
Linux Kernel Source Tree.