netfilter: nft_hash: fix hash overflow validation - openslx/kernel-qcow2-linux.git

diff options

author	Laura Garcia Liebana	2016-09-13 10:21:46 +0200
committer	Pablo Neira Ayuso	2016-09-13 10:49:23 +0200
commit	14e2dee0996f51e0ff0d868497c7e1b90f012665 (patch)
tree	e84563fdf8f5909a8db22aa7ba8616811033b10a /net/netfilter/nf_tables_api.c
parent	netfilter: nft_numgen: fix race between num generate and store it (diff)
download	kernel-qcow2-linux-14e2dee0996f51e0ff0d868497c7e1b90f012665.tar.gz kernel-qcow2-linux-14e2dee0996f51e0ff0d868497c7e1b90f012665.tar.xz kernel-qcow2-linux-14e2dee0996f51e0ff0d868497c7e1b90f012665.zip

netfilter: nft_hash: fix hash overflow validation

The overflow validation in the init() function establishes that the maximum value that the hash could reach is less than U32_MAX, which is likely to be true. The fix detects the overflow when the maximum hash value is less than the offset itself. Fixes: 70ca767ea1b2 ("netfilter: nft_hash: Add hash offset value") Reported-by: Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: Laura Garcia Liebana <nevola@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/netfilter/nf_tables_api.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: