diff options
author | Máté Eckl <ecklm94@gmail.com> | 2018-07-05 12:01:53 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-07-06 14:32:44 +0200 |
commit | 5711b4e89319c2912f20b2a4f371c1525fc9551d (patch) | |
tree | 002100bf6cd635fefaecb905337d142df28bf9ae /net/netfilter/nft_set_bitmap.c | |
parent | netfilter: x_tables: set module owner for icmp(6) matches (diff) | |
download | wireguard-linux-5711b4e89319c2912f20b2a4f371c1525fc9551d.tar.xz wireguard-linux-5711b4e89319c2912f20b2a4f371c1525fc9551d.zip |
netfilter: nf_tproxy: fix possible non-linear access to transport header
This patch fixes a silent out-of-bound read possibility that was present
because of the misuse of this function.
Mostly it was called with a struct udphdr *hp which had only the udphdr
part linearized by the skb_header_pointer, however
nf_tproxy_get_sock_v{4,6} uses it as a tcphdr pointer, so some reads for
tcp specific attributes may be invalid.
Fixes: a583636a83ea ("inet: refactor inet[6]_lookup functions to take skb")
Signed-off-by: Máté Eckl <ecklm94@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_set_bitmap.c')
0 files changed, 0 insertions, 0 deletions