| commit | e27bf5d572b5d9a71d911d94dcd0993026d47486 | |
| author | Florian Westphal <fw@strlen.de> | |
| Tue, 22 Dec 2020 22:23:56 +0000 (22 23:23 +0100) | ||
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
| Tue, 12 Jan 2021 18:49:05 +0000 (12 19:49 +0100) | ||
| tree | 48143f51a60d54368b033c84331b1f4db76e8374 | treesnapshot (tar.gz zip) |
| parent | 0a4feb89b0acfb5ca53cc494204f0aaf22fed7bd | commitdiff |
netfilter: xt_RATEEST: reject non-null terminated string from userspace
commit 6cb56218ad9e580e519dcd23bfb3db08d8692e5a upstream.
syzbot reports:
detected buffer overflow in strlen
[..]
Call Trace:
strlen include/linux/string.h:325 [inline]
strlcpy include/linux/string.h:348 [inline]
xt_rateest_tg_checkentry+0x2a5/0x6b0 net/netfilter/xt_RATEEST.c:143
strlcpy assumes src is a c-string. Check info->name before its used.
Reported-by: syzbot+e86f7c428c8c50db65b4@syzkaller.appspotmail.com
Fixes: 5859034d7eb8793 ("[NETFILTER]: x_tables: add RATEEST target")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 6cb56218ad9e580e519dcd23bfb3db08d8692e5a upstream.
syzbot reports:
detected buffer overflow in strlen
[..]
Call Trace:
strlen include/linux/string.h:325 [inline]
strlcpy include/linux/string.h:348 [inline]
xt_rateest_tg_checkentry+0x2a5/0x6b0 net/netfilter/xt_RATEEST.c:143
strlcpy assumes src is a c-string. Check info->name before its used.
Reported-by: syzbot+e86f7c428c8c50db65b4@syzkaller.appspotmail.com
Fixes: 5859034d7eb8793 ("[NETFILTER]: x_tables: add RATEEST target")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| net/netfilter/xt_RATEEST.c | diffblobblamehistory |