projects / GitHub / MotorolaMobilityLLC / kernel-slsi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ce683e5) | patch
netfilter: x_tables: validate all offsets and sizes in a rule
authorFlorian Westphal <fw@strlen.de>
Fri, 1 Apr 2016 12:17:29 +0000 (14:17 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 13 Apr 2016 22:30:38 +0000 (00:30 +0200)
commit13631bfc604161a9d69cd68991dff8603edd66f9
tree8b638e793956c54bbbec8b8b8845e6f57aac3fcftree | snapshot (tar.gz zip)
parentce683e5f9d045e5d67d1312a42b359cb2ab2a13ccommit | diff
netfilter: x_tables: validate all offsets and sizes in a rule

Validate that all matches (if any) add up to the beginning of
the target and that each match covers at least the base structure size.

The compat path should be able to safely re-use the function
as the structures only differ in alignment; added a
BUILD_BUG_ON just in case we have an arch that adds padding as well.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/x_tables.c diff | blob | blame | history
Motorola kernel-slsi