Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-23 12:42:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
7951e36ac6
linux/net/ipv4/netfilter
History
Eric Dumazet 65acf6e050 netfilter: complete validation of user input 
In my recent commit, I missed that do_replace() handlers
use copy_from_sockptr() (which I fixed), followed
by unsafe copy_from_sockptr_offset() calls.

In all functions, we can perform the @optlen validation
before even calling xt_alloc_table_info() with the following
check:

if ((u64)optlen < (u64)tmp.size + sizeof(tmp))
        return -EINVAL;

Fixes: 0c83842df4 ("netfilter: validate user input for expected length")
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
Link: https://lore.kernel.org/r/20240409120741.3538135-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-04-10 19:42:56 -07:00
..
arp_tables.c netfilter: complete validation of user input 2024-04-10 19:42:56 -07:00
arpt_mangle.c
arptable_filter.c
ip_tables.c netfilter: complete validation of user input 2024-04-10 19:42:56 -07:00
ipt_ah.c
ipt_ECN.c
ipt_REJECT.c
ipt_rpfilter.c netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces. 2022-10-19 08:46:48 +02:00
ipt_SYNPROXY.c
iptable_filter.c
iptable_mangle.c netfilter: xt_mangle: only check verdict part of return value 2023-10-18 10:26:43 +02:00
iptable_nat.c netfilter: add missing module descriptions 2023-11-08 13:52:32 +01:00
iptable_raw.c netfilter: add missing module descriptions 2023-11-08 13:52:32 +01:00
iptable_security.c
Kconfig netfilter: arptables: Select NETFILTER_FAMILY_ARP when building arp_tables.c 2024-03-28 03:54:02 +01:00
Makefile netfilter: xtables: allow xtables-nft only builds 2024-01-29 15:43:21 +01:00
nf_defrag_ipv4.c netfilter: add missing module descriptions 2023-11-08 13:52:32 +01:00
nf_dup_ipv4.c
nf_nat_h323.c netfilter: nat: move repetitive nat port reserve loop to a helper 2022-09-07 16:46:04 +02:00
nf_nat_pptp.c
nf_nat_snmp_basic_main.c
nf_nat_snmp_basic.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
nf_reject_ipv4.c netfilter: bridge: replace physindev with physinif in nf_bridge_info 2024-01-17 12:02:49 +01:00
nf_socket_ipv4.c tcp: Access &tcp_hashinfo via net. 2022-09-20 10:21:49 -07:00
nf_tproxy_ipv4.c netfilter: tproxy: fix deadlock due to missing BH disable 2023-03-06 12:09:48 +01:00
nft_dup_ipv4.c netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters 2022-11-15 10:46:34 +01:00
nft_fib_ipv4.c netfilter: rpfilter/fib: clean up some inconsistent indenting 2022-11-15 10:53:18 +01:00
nft_reject_ipv4.c