kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Browse source 
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains two one-liner fixes for your net tree,
they are:

1) Disable fast hash operations for 2-bytes length keys which is leading
   to incorrect lookups in nf_tables, from Anatole Denis.

2) Reload pointer ipv4 header after ip_route_me_harder() given this may
   result in use-after-free due to skbuff header reallocation, patch
   from Tejaswi Tanikella.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2017-11-02 16:52:41 +09:00
commit 74784da82f
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
net/ipv4/netfilter/nf_reject_ipv4.c
View file

@ -132,6 +132,8 @@ void nf_send_reset(struct net *net, struct sk_buff *oldskb, int hook)
if (ip_route_me_harder(net, nskb, RTN_UNSPEC)) if (ip_route_me_harder(net, nskb, RTN_UNSPEC))
goto free_nskb; goto free_nskb;
niph = ip_hdr(nskb);
/* "Never happens" */ /* "Never happens" */
if (nskb->len > dst_mtu(skb_dst(nskb))) if (nskb->len > dst_mtu(skb_dst(nskb)))
goto free_nskb; goto free_nskb;

1
net/netfilter/nft_set_hash.c
View file

@ -643,7 +643,6 @@ nft_hash_select_ops(const struct nft_ctx *ctx, const struct nft_set_desc *desc,
{ {
if (desc->size) { if (desc->size) {
switch (desc->klen) { switch (desc->klen) {
case 2:
case 4: case 4:
return &nft_hash_fast_ops; return &nft_hash_fast_ops;
default: default: