projects
/
GitHub
/
moto-9609
/
android_kernel_motorola_exynos9610.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c2d9a42
)
netfilter: nft_log: check the validity of log level
author
Liping Zhang
<liping.zhang@spreadtrum.com>
Mon, 18 Jul 2016 12:44:16 +0000
(20:44 +0800)
committer
Pablo Neira Ayuso
<pablo@netfilter.org>
Thu, 21 Jul 2016 00:32:33 +0000
(
02:32
+0200)
User can specify the log level larger than 7(debug level) via
nfnetlink, this is invalid. So in this case, we should report
EINVAL to the userspace.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_log.c
patch
|
blob
|
blame
|
history
diff --git
a/net/netfilter/nft_log.c
b/net/netfilter/nft_log.c
index e1b34ff0ebd037cd559589ad4f5dab499bd21cff..5f6f088ff06e02411a3ab145718351cf68b673d2 100644
(file)
--- a/
net/netfilter/nft_log.c
+++ b/
net/netfilter/nft_log.c
@@
-79,6
+79,11
@@
static int nft_log_init(const struct nft_ctx *ctx,
} else {
li->u.log.level = LOGLEVEL_WARNING;
}
+ if (li->u.log.level > LOGLEVEL_DEBUG) {
+ err = -EINVAL;
+ goto err1;
+ }
+
if (tb[NFTA_LOG_FLAGS] != NULL) {
li->u.log.logflags =
ntohl(nla_get_be32(tb[NFTA_LOG_FLAGS]));