]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 079cd63) | patch
netfilter: nf_tables: limit allowed range via nla_policy
authorFlorian Westphal <fw@strlen.de>
Wed, 21 Jun 2023 19:11:03 +0000 (21:11 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 26 Jun 2023 06:05:57 +0000 (08:05 +0200)
commita412dbf40ff37515acca4bba666f5386aa37246e
treed29ebda49810ab08757b1d5c33f2ea6001d04df1tree | snapshot
parent079cd633219d7298d087cd115c17682264244c18commit | diff
netfilter: nf_tables: limit allowed range via nla_policy

These NLA_U32 types get stored in u8 fields, reject invalid values
instead of silently casting to u8.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
15 files changed:
net/netfilter/nft_bitwise.c diff | blob | history
net/netfilter/nft_byteorder.c diff | blob | history
net/netfilter/nft_ct.c diff | blob | history
net/netfilter/nft_dynset.c diff | blob | history
net/netfilter/nft_exthdr.c diff | blob | history
net/netfilter/nft_fwd_netdev.c diff | blob | history
net/netfilter/nft_hash.c diff | blob | history
net/netfilter/nft_meta.c diff | blob | history
net/netfilter/nft_range.c diff | blob | history
net/netfilter/nft_reject.c diff | blob | history
net/netfilter/nft_rt.c diff | blob | history
net/netfilter/nft_socket.c diff | blob | history
net/netfilter/nft_tproxy.c diff | blob | history
net/netfilter/nft_tunnel.c diff | blob | history
net/netfilter/nft_xfrm.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.