leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0fabd2aa19
linux/net/netfilter/ipset
History
Kees Cook 710d21fdff netlink: Bounds-check struct nlmsgerr creation 
In preparation for FORTIFY_SOURCE doing bounds-check on memcpy(),
switch from __nlmsg_put to nlmsg_put(), and explain the bounds check
for dealing with the memcpy() across a composite flexible array struct.
Avoids this future run-time warning:

  memcpy: detected field-spanning write (size 32) of single field "&errmsg->msg" at net/netlink/af_netlink.c:2447 (size 16)

Cc: Jakub Kicinski <kuba@kernel.org>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Jozsef Kadlecsik <kadlec@netfilter.org>
Cc: Florian Westphal <fw@strlen.de>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: syzbot <syzkaller@googlegroups.com>
Cc: netfilter-devel@vger.kernel.org
Cc: coreteam@netfilter.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20220901071336.1418572-1-keescook@chromium.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-09-05 14:45:22 +01:00
..
ip_set_bitmap_gen.h netfilter: ipset: use bitmap infrastructure completely 2020-01-20 17:41:45 +01:00
ip_set_bitmap_ip.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_bitmap_ipmac.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_bitmap_port.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_core.c netlink: Bounds-check struct nlmsgerr creation 2022-09-05 14:45:22 +01:00
ip_set_getport.c netfilter: ipset: move ip_set_get_ip_port() to ip_set_bitmap_port.c. 2019-10-07 23:59:02 +02:00
ip_set_hash_gen.h netfilter: ipset: Fix oversized kvmalloc() calls 2021-09-14 00:50:01 +02:00
ip_set_hash_ip.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_ipmac.c netfilter: ipset: Expose the initval hash parameter to userspace 2020-10-31 11:55:38 +01:00
ip_set_hash_ipmark.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_ipport.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_ipportip.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_ipportnet.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_mac.c netfilter: ipset: Expose the initval hash parameter to userspace 2020-10-31 11:55:38 +01:00
ip_set_hash_net.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_netiface.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_netnet.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_netport.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_hash_netportnet.c netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ip_set_list_set.c netfilter: ipset: Fix subcounter update skip 2020-05-25 20:39:14 +02:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pfxlen.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00