linux/net/ipv4/netfilter
Vasiliy Kulikov b5f15ac4f8 ipv4: netfilter: ip_tables: fix information leak to userland
Structure ipt_getinfo is copied to userland with the field "name"
that has the last elements unitialized.  It leads to leaking of
contents of kernel stack memory.

Signed-off-by: Vasiliy Kulikov <segooon@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-11-03 08:45:06 +01:00
..
arp_tables.c ipv4: netfilter: arp_tables: fix information leak to userland 2010-11-03 08:44:12 +01:00
arpt_mangle.c netfilter: xtables: resolve indirect macros 3/3 2010-10-13 18:00:46 +02:00
arptable_filter.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
ip_queue.c netfilter: ip_queue: rwlock to spinlock conversion 2010-06-09 15:47:41 +02:00
ip_tables.c ipv4: netfilter: ip_tables: fix information leak to userland 2010-11-03 08:45:06 +01:00
ipt_addrtype.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ipt_ah.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
ipt_CLUSTERIP.c netfilter: ipt_CLUSTERIP: use proto_ports_offset() to support AH message 2010-08-19 17:16:24 -07:00
ipt_ecn.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
ipt_ECN.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ipt_LOG.c netfilter: ipt_LOG: add bufferisation to call printk() once 2010-10-04 20:56:05 +02:00
ipt_MASQUERADE.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ipt_NETMAP.c netfilter: nf_nat: support user-specified SNAT rules in LOCAL_IN 2010-06-17 06:12:26 +02:00
ipt_REDIRECT.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ipt_REJECT.c netfilter: fix ipt_REJECT TCP RST routing for indev == outdev 2010-09-22 13:13:32 -07:00
ipt_ULOG.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
iptable_filter.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
iptable_mangle.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
iptable_raw.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
iptable_security.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
Kconfig Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-10-24 13:41:39 -07:00
Makefile netfilter: Combine ipt_ttl and ip6t_hl source 2009-02-18 18:39:31 +01:00
nf_conntrack_l3proto_ipv4_compat.c secmark: export secctx, drop secmark in procfs 2010-10-21 10:12:52 +11:00
nf_conntrack_l3proto_ipv4.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_proto_icmp.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_defrag_ipv4.c netfilter: nf_conntrack_defrag: check socket type before touching nodefrag flag 2010-09-22 13:13:34 -07:00
nf_nat_amanda.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_core.c netfilter: nf_nat: fix compiler warning with CONFIG_NF_CT_NETLINK=n 2010-10-29 16:28:07 +02:00
nf_nat_ftp.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_h323.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_helper.c netfilter: nf_nat: add nf_nat_csum() 2010-09-15 19:24:50 +02:00
nf_nat_irc.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_pptp.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_nat_proto_common.c netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice 2010-08-02 17:35:49 +02:00
nf_nat_proto_dccp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_gre.c netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice 2010-08-02 17:35:49 +02:00
nf_nat_proto_icmp.c netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice 2010-08-02 17:35:49 +02:00
nf_nat_proto_sctp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_tcp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_udp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_udplite.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_unknown.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_rule.c netfilter: nf_nat: no IP_NAT_RANGE_MAP_IPS flags when alloc_null_binding() 2010-09-16 19:47:51 +02:00
nf_nat_sip.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_snmp_basic.c netfilter: nf_nat_snmp: fix checksum calculation (v4) 2010-09-22 13:13:33 -07:00
nf_nat_standalone.c netfilter: nf_nat: support user-specified SNAT rules in LOCAL_IN 2010-06-17 06:12:26 +02:00
nf_nat_tftp.c netfilter: fix some coding styles and remove moduleparam.h 2010-04-13 11:25:41 +02:00