linux/net/netfilter
Jay Elliott 8b1836c4b6 netfilter: conntrack: clamp timeouts to INT_MAX
When the conntracking code multiplies a timeout by HZ, it can overflow
from positive to negative; this causes it to instantly expire.  To
protect against this the multiplication is done in 64-bit so we can
prevent it from exceeding INT_MAX.

Signed-off-by: Jay Elliott <jelliott@arista.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2017-11-28 01:17:04 +01:00
..
2017-11-15 13:46:33 -08:00
2017-05-02 10:16:04 -04:00
2017-04-15 11:51:33 +02:00
2015-05-14 13:00:27 +02:00
2017-07-25 12:31:37 -07:00
2016-12-25 17:21:22 +01:00