]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2557080) | patch
netfilter: nftables: avoid potential overflows on 32bit arches
authorEric Dumazet <edumazet@google.com>
Thu, 6 May 2021 12:53:50 +0000 (05:53 -0700)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 7 May 2021 08:01:39 +0000 (10:01 +0200)
commit6d3e42fce27d829db058982b37fdd2b95a3503b8
tree1a14a9f80a7ed0347b7f1a7f3c51b12d5404f4e1tree | snapshot
parent25570809ceb16ab5453a89a76d3019ee14a90df5commit | diff
netfilter: nftables: avoid potential overflows on 32bit arches

User space could ask for very large hash tables, we need to make sure
our size computations wont overflow.

nf_tables_newset() needs to double check the u64 size
will fit into size_t field.

Fixes: 7b2314c5dcf4 ("netfilter: nf_tables: rename set implementations")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nft_set_hash.c diff | blob | history
Linux Kernel Source Tree.