diff options
author | Laura Garcia Liebana | 2016-09-13 10:21:46 +0200 |
---|---|---|
committer | Pablo Neira Ayuso | 2016-09-13 10:49:23 +0200 |
commit | 14e2dee0996f51e0ff0d868497c7e1b90f012665 (patch) | |
tree | e84563fdf8f5909a8db22aa7ba8616811033b10a /net/netfilter/nf_tables_api.c | |
parent | netfilter: nft_numgen: fix race between num generate and store it (diff) | |
download | kernel-qcow2-linux-14e2dee0996f51e0ff0d868497c7e1b90f012665.tar.gz kernel-qcow2-linux-14e2dee0996f51e0ff0d868497c7e1b90f012665.tar.xz kernel-qcow2-linux-14e2dee0996f51e0ff0d868497c7e1b90f012665.zip |
netfilter: nft_hash: fix hash overflow validation
The overflow validation in the init() function establishes that the
maximum value that the hash could reach is less than U32_MAX, which is
likely to be true.
The fix detects the overflow when the maximum hash value is less than
the offset itself.
Fixes: 70ca767ea1b2 ("netfilter: nft_hash: Add hash offset value")
Reported-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_tables_api.c')
0 files changed, 0 insertions, 0 deletions