| commit | a1c49d8cf9aa2be958c34fae1f84b1e3006f0c67 | |
| author | Florian Westphal <fw@strlen.de> | |
| Tue, 22 Mar 2016 17:02:50 +0000 (22 18:02 +0100) | ||
| committer | Sasha Levin <sasha.levin@oracle.com> | |
| Mon, 11 Jul 2016 03:07:32 +0000 (10 23:07 -0400) | ||
| tree | 9d4b03628a62e0fdb7cd2e9291c0b6de2eed1d52 | treesnapshot (tar.gz zip) |
| parent | 780daa25f811f1aeefb9da76ef93c32b17a5f102 | commitdiff |
netfilter: x_tables: make sure e->next_offset covers remaining blob size
[ Upstream commit 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 ]
Otherwise this function may read data beyond the ruleset blob.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
[ Upstream commit 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 ]
Otherwise this function may read data beyond the ruleset blob.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
| net/ipv4/netfilter/arp_tables.c | diffblobblamehistory | |
| net/ipv4/netfilter/ip_tables.c | diffblobblamehistory | |
| net/ipv6/netfilter/ip6_tables.c | diffblobblamehistory |