]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1701a6f) | patch
netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 14 May 2020 12:14:23 +0000 (14:14 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 25 May 2020 18:39:14 +0000 (20:39 +0200)
commite9b10d8456bc70b7790390d01fcca66342354022
treea6a8ccd47c3fc1afdac3c51f6380d3a6ca1b7c19tree | snapshot
parent1701a6fe9d113b342ff6ae4330d77ff318ec673fcommit | diff
netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code

Dan Carpenter says: "Smatch complains that the value for "cmd" comes
from the network and can't be trusted."

Add pptp_msg_name() helper function that checks for the array boundary.

Fixes: 3fd25055a475 ("[NETFILTER]: nf_conntrack/nf_nat: add PPTP helper port")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/linux/netfilter/nf_conntrack_pptp.h diff | blob | history
net/ipv4/netfilter/nf_nat_pptp.c diff | blob | history
net/netfilter/nf_conntrack_pptp.c diff | blob | history
Linux Kernel Source Tree.