git.baikalelectronics.ru Git - kernel.git/commit

]> git.baikalelectronics.ru Git - kernel.git/commit

author	Patrick McHardy <kaber@trash.net>
	Tue, 3 Mar 2015 20:04:20 +0000 (20:04 +0000)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 4 Mar 2015 17:46:06 +0000 (18:46 +0100)
commit	96e3a9c78b831a76763a25a8f8b674a41b66df69
tree	6533fb1a3354201a635cf4dfdeaa143e2d3de12a	tree \| snapshot
parent	35bdbd3798f05acba21d937323192fc16e8be108	commit \| diff

netfilter: nf_tables: fix userdata length overflow

The NFT_USERDATA_MAXLEN is defined to 256, however we only have a u8
to store its size. Introduce a struct nft_userdata which contains a
length field and indicate its presence using a single bit in the rule.

The length field of struct nft_userdata is also a u8, however we don't
store zero sized data, so the actual length is udata->len + 1.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_tables.h		diff \| blob \| history
net/netfilter/nf_tables_api.c		diff \| blob \| history

Linux Kernel Source Tree.

RSS Atom