iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net/ipv6
History
Xin Long a482c5e00a netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6 
In rt_mt6(), when it's a nonlinear skb, the 1st skb_header_pointer()
only copies sizeof(struct ipv6_rt_hdr) to _route that rh points to.
The access by ((const struct rt0_hdr *)rh)->reserved will overflow
the buffer. So this access should be moved below the 2nd call to
skb_header_pointer().

Besides, after the 2nd skb_header_pointer(), its return value should
also be checked, othersize, *rp may cause null-pointer-ref.

v1->v2:
  - clean up some old debugging log.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-10-14 23:08:35 +02:00
..
ila
net: Add MODULE_DESCRIPTION entries to network modules
2020-06-20 21:33:57 -07:00
netfilter
netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
2021-10-14 23:08:35 +02:00
addrconf_core.c
ipv6: add ipv6_dev_find to stubs
2021-03-30 13:29:39 -07:00
addrconf.c
ip/ip6_gre: use the same logic as SIT interfaces when computing v6LL address
2021-09-05 13:14:37 +01:00
addrlabel.c
ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init
2020-11-25 11:20:16 -08:00
af_inet6.c
bpf: Migrate cgroup_bpf to internal cgroup_bpf_attach_type enum
2021-08-23 17:50:24 -07:00
ah6.c
xfrm: remove hdr_offset indirection
2021-06-11 14:48:50 +02:00
anycast.c
ipv6: fix memory leaks on IPV6_ADDRFORM path
2020-07-30 16:30:55 -07:00
calipso.c
cipso,calipso: resolve a number of problems with the DOI refcounts
2021-03-04 15:26:57 -08:00
datagram.c
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
2020-11-23 18:36:21 -05:00
esp6_offload.c
xfrm: remove description from xfrm_type struct
2021-06-09 09:38:52 +02:00
esp6.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-06-29 15:45:27 -07:00
exthdrs_core.c
ipv6: remove printk
2019-07-27 14:23:48 -07:00
exthdrs_offload.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
exthdrs.c
ipv6: exthdrs: get rid of indirect calls in ip6_parse_tlv()
2021-08-04 10:34:40 +01:00
fib6_notifier.c
net: fib_notifier: propagate extack down to the notifier block callback
2019-10-04 11:10:56 -07:00
fib6_rules.c
ipv6: fib6: remove redundant initialization of variable err
2021-06-14 12:42:26 -07:00
fou6.c
net: Add MODULE_DESCRIPTION entries to network modules
2020-06-20 21:33:57 -07:00
icmp.c
ipv6: ICMPV6: add response to ICMPV6 RFC 8335 PROBE messages
2021-06-28 14:29:45 -07:00
inet6_connection_sock.c
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
2020-11-23 18:36:21 -05:00
inet6_hashtables.c
net: prefer socket bound to interface when not in VRF
2021-10-07 07:27:55 -07:00
ioam6_iptunnel.c
ipv6: ioam: Support for IOAM injection with lwtunnels
2021-07-21 08:14:33 -07:00
ioam6.c
ipv6: ioam: Support for IOAM injection with lwtunnels
2021-07-21 08:14:33 -07:00
ip6_checksum.c
ip6_fib.c
ipv6: delay fib6_sernum increase in fib6_add
2021-09-13 13:00:53 +01:00
ip6_flowlabel.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
2020-08-05 20:13:21 -07:00
ip6_gre.c
ip6_gre: Revert "ip6_gre: add validation for csum_start"
2021-09-06 16:41:54 +01:00
ip6_icmp.c
net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending
2021-02-23 11:29:52 -08:00
ip6_input.c
ipv6: weaken the v4mapped source check
2021-03-18 11:19:23 -07:00
ip6_offload.c
net/core: move gro function declarations to separate header
2021-02-04 18:37:57 -08:00
ip6_offload.h
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
ip6_output.c
ipv6: use skb_expand_head in ip6_xmit
2021-08-03 11:21:39 +01:00
ip6_tunnel.c
ip_tunnel: use ndo_siocdevprivate
2021-07-27 20:11:44 +01:00
ip6_udp_tunnel.c
net: Make locking in sock_bindtoindex optional
2020-06-01 14:57:14 -07:00
ip6_vti.c
ip_tunnel: use ndo_siocdevprivate
2021-07-27 20:11:44 +01:00
ip6mr.c
net: Remove redundant if statements
2021-08-05 13:27:50 +01:00
ipcomp6.c
xfrm: remove hdr_offset indirection
2021-06-11 14:48:50 +02:00
ipv6_sockglue.c
net/ipv4/ipv6: Replace one-element arraya with flexible-array members
2021-08-05 11:46:42 +01:00
Kconfig
ipv6: ioam: Support for IOAM injection with lwtunnels
2021-07-21 08:14:33 -07:00
Makefile
ipv6: ioam: Support for IOAM injection with lwtunnels
2021-07-21 08:14:33 -07:00
mcast_snoop.c
net: bridge: mcast: fix broken length + header check for MRDv6 Adv.
2021-04-27 14:02:06 -07:00
mcast.c
ipv6: change return type from int to void for mld_process_v2
2021-09-02 11:29:55 +01:00
mip6.c
xfrm: ipv6: move mip6_rthdr_offset into xfrm core
2021-06-11 14:48:50 +02:00
ndisc.c
ipv6: add IFLA_INET6_RA_MTU to expose mtu value
2021-08-27 17:29:18 -07:00
netfilter.c
netfilter: Dissect flow after packet mangling
2021-04-18 22:04:16 +02:00
output_core.c
ipv6: use prandom_u32() for ID generation
2021-05-31 22:12:08 -07:00
ping.c
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
2020-11-23 18:36:21 -05:00
proc.c
net: udp: introduce UDP_MIB_MEMERRORS for udp_mem
2020-11-09 15:34:44 -08:00
protocol.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
raw.c
net: sock: introduce sk_error_report
2021-06-29 11:28:21 -07:00
reassembly.c
ipv6: record frag_max_size in atomic fragments in input path
2021-05-21 15:02:25 -07:00
route.c
net: ipv4: Fix rtnexthop len when RTA_FLOW is present
2021-09-24 14:07:10 +01:00
rpl_iptunnel.c
net: ipv6: rpl_iptunnel: simplify the return expression of rpl_do_srh()
2020-12-08 16:22:54 -08:00
rpl.c
net: ipv6: rpl*: Fix strange kerneldoc warnings due to bad header
2020-10-30 12:12:52 -07:00
seg6_hmac.c
crypto: sha - split sha.h into sha1.h and sha2.h
2020-11-20 14:45:33 +11:00
seg6_iptunnel.c
seg6_iptunnel: Remove redundant initialization of variable err
2021-09-03 12:32:25 +01:00
seg6_local.c
ipv6: seg6: remove duplicated include
2021-08-31 12:41:47 +01:00
seg6.c
net: Remove redundant assignment to err
2021-04-29 15:34:15 -07:00
sit.c
ip_tunnel: use ndo_siocdevprivate
2021-07-27 20:11:44 +01:00
syncookies.c
selinux/stable-5.11 PR 20201214
2020-12-16 11:01:04 -08:00
sysctl_net_ipv6.c
ipv6: ioam: Data plane support for Pre-allocated Trace
2021-07-21 08:14:33 -07:00
tcp_ipv6.c
net: send SYNACK packet with accepted fwmark
2021-07-09 11:24:02 -07:00
tcpv6_offload.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
tunnel6.c
tunnel6: add tunnel6_input_afinfo for ipip and ipv6 tunnels
2020-07-09 12:52:37 +02:00
udp_impl.h
net: pass a sockptr_t into ->setsockopt
2020-07-24 15:41:54 -07:00
udp_offload.c
udp: properly complete L4 GRO over UDP tunnel packet
2021-03-30 17:06:49 -07:00
udp.c
net: prefer socket bound to interface when not in VRF
2021-10-07 07:27:55 -07:00
udplite.c
net/ipv6: remove compat_ipv6_{get,set}sockopt
2020-07-19 18:16:41 -07:00
xfrm6_input.c
xfrm: state: remove extract_input indirection from xfrm_state_afinfo
2020-05-06 09:40:08 +02:00
xfrm6_output.c
net: ipv6: fix return value of ip6_skb_dst_mtu
2021-07-02 11:57:01 -07:00
xfrm6_policy.c
net: add bool confirm_neigh parameter for dst_ops.update_pmtu
2019-12-24 22:28:54 -08:00
xfrm6_protocol.c
xfrm: add support for UDPv6 encapsulation of ESP
2020-04-28 11:28:36 +02:00
xfrm6_state.c
xfrm: remove output_finish indirection from xfrm_state_afinfo
2020-05-06 09:40:08 +02:00
xfrm6_tunnel.c
xfrm: remove description from xfrm_type struct
2021-06-09 09:38:52 +02:00