linux

iv/linux

History

Florian Westphal 54d83fc74a netfilter: x_tables: fix unconditional helper Ben Hawkes says: In the mark_source_chains function (net/ipv4/netfilter/ip_tables.c) it is possible for a user-supplied ipt_entry structure to have a large next_offset field. This field is not bounds checked prior to writing a counter value at the supplied offset. Problem is that mark_source_chains should not have been called -- the rule doesn't have a next entry, so its supposed to return an absolute verdict of either ACCEPT or DROP. However, the function conditional() doesn't work as the name implies. It only checks that the rule is using wildcard address matching. However, an unconditional rule must also not be using any matches (no -m args). The underflow validator only checked the addresses, therefore passing the 'unconditional absolute verdict' test, while mark_source_chains also tested for presence of matches, and thus proceeeded to the next (not-existent) rule. Unify this so that all the callers have same idea of 'unconditional rule'. Reported-by: Ben Hawkes <hawkes@google.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>		2016-03-28 17:59:15 +02:00
..
netfilter	netfilter: x_tables: fix unconditional helper	2016-03-28 17:59:15 +02:00
af_inet.c	net: ipv4: Fix truncated timestamp returned by inet_current_timestamp()	2016-03-21 22:56:38 -04:00
ah4.c	ah4: Fix error return in ah_input().	2015-08-25 13:38:50 -07:00
arp.c	arp: correct return value of arp_rcv	2016-03-07 14:55:04 -05:00
cipso_ipv4.c
datagram.c	net: Set sk_txhash from a random number	2015-07-29 22:44:04 -07:00
devinet.c	ipv4: Don't do expensive useless work during inetdev destroy.	2016-03-13 23:28:35 -04:00
esp4.c
fib_frontend.c	ipv4: initialize flowi4_flags before calling fib_lookup()	2016-03-22 15:59:23 -04:00
fib_lookup.h	ipv4: consider TOS in fib_select_default	2015-07-24 22:46:11 -07:00
fib_rules.c	net: ipv6: use common fib_default_rule_pref	2015-09-09 14:19:50 -07:00
fib_semantics.c	net: Fix prefsrc lookups	2015-11-04 21:34:37 -05:00
fib_trie.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-02-01 15:56:08 -08:00
fou.c	tunnels: Remove encapsulation offloads on decap.	2016-03-20 16:33:40 -04:00
gre_demux.c	gre: Remove support for sharing GRE protocol hook.	2015-08-10 14:03:54 -07:00
gre_offload.c	net: Reset encap_level to avoid resetting features on inner IP headers	2016-03-23 14:19:08 -04:00
icmp.c	net: ipv4: Convert IP network timestamps to be y2038 safe	2016-03-01 17:18:44 -05:00
igmp.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-03-08 12:34:12 -05:00
inet_connection_sock.c	soreuseport: fix merge conflict in tcp bind	2016-02-24 13:38:18 -05:00
inet_diag.c	net: diag: add a scheduling point in inet_diag_dump_icsk()	2016-03-14 19:38:09 -04:00
inet_fragment.c	inet: kill unused skb_free op	2016-01-05 22:25:57 -05:00
inet_hashtables.c	tcp/dccp: better use of ephemeral ports in connect()	2016-02-12 05:28:32 -05:00
inet_timewait_sock.c	tcp/dccp: fix timewait races in timer handling	2015-09-21 16:32:29 -07:00
inetpeer.c	net: Add helper function to compare inetpeer addresses	2015-08-28 13:32:36 -07:00
ip_forward.c	net: remove skb_sender_cpu_clear()	2016-03-01 17:36:47 -05:00
ip_fragment.c	net: Export ip fragment sysctl to unprivileged users	2016-02-16 20:42:54 -05:00
ip_gre.c	bpf, vxlan, geneve, gre: fix usage of dst_cache on xmit	2016-03-08 13:58:47 -05:00
ip_input.c	ipv4: namespacify ip_early_demux sysctl knob	2016-02-16 20:42:54 -05:00
ip_options.c	net: ipv4: Convert IP network timestamps to be y2038 safe	2016-03-01 17:18:44 -05:00
ip_output.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-03-08 12:34:12 -05:00
ip_sockglue.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-02-23 00:09:14 -05:00
ip_tunnel_core.c	Fix returned tc and hoplimit values for route with IPv6 encapsulation	2016-03-27 22:35:02 -04:00
ip_tunnel.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-03-08 12:34:12 -05:00
ip_vti.c	ip_tunnel: Move stats update to iptunnel_xmit()	2015-12-25 23:32:23 -05:00
ipcomp.c
ipconfig.c	ipv4: ipconfig: avoid unused ic_proto_used symbol	2016-01-29 19:39:09 -08:00
ipip.c	iptunnel: scrub packet in iptunnel_pull_header	2016-02-18 14:34:54 -05:00
ipmr.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2015-12-03 21:09:12 -05:00
Kconfig	ipv4: Remove inet_lro library	2016-02-17 16:15:46 -05:00
Makefile	ipv4: Remove inet_lro library	2016-02-17 16:15:46 -05:00
netfilter.c	ipv4: Pass struct net into ip_route_me_harder	2015-09-29 20:21:32 +02:00
ping.c	net/ipv4: remove left over dead code	2016-03-02 15:00:55 -05:00
proc.c	ipv4: Namespaceify ip_default_ttl sysctl knob	2016-02-16 20:42:54 -05:00
protocol.c
raw.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-02-23 00:09:14 -05:00
route.c	route: check and remove route cache when we get route	2016-02-18 11:31:36 -05:00
syncookies.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2016-03-19 10:05:34 -07:00
sysctl_net_ipv4.c	ipv4: namespacify ip_early_demux sysctl knob	2016-02-16 20:42:54 -05:00
tcp_bic.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_cdg.c	tcp: do not slow start when cwnd equals ssthresh	2015-07-09 14:22:52 -07:00
tcp_cong.c	tcp: remove tcp_ecn_make_synack() socket argument	2015-09-25 13:00:38 -07:00
tcp_cubic.c	tcp_cubic: do not set epoch_start in the future	2015-09-17 22:35:07 -07:00
tcp_dctcp.c	tcp: allow dctcp alpha to drop to zero	2015-10-23 02:46:52 -07:00
tcp_diag.c	net: diag: Support destroying TCP sockets.	2015-12-15 23:26:52 -05:00
tcp_fastopen.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2016-03-19 10:05:34 -07:00
tcp_highspeed.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_htcp.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_hybla.c	tcp: do not slow start when cwnd equals ssthresh	2015-07-09 14:22:52 -07:00
tcp_illinois.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_input.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-02-23 00:09:14 -05:00
tcp_ipv4.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2016-03-19 10:05:34 -07:00
tcp_lp.c
tcp_metrics.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-03-08 12:34:12 -05:00
tcp_minisocks.c	tcp: Add RFC4898 tcpEStatsPerfDataSegsOut/In	2016-03-14 14:55:26 -04:00
tcp_offload.c	net: Store checksum result for offloaded GSO checksums	2016-02-11 08:55:33 -05:00
tcp_output.c	tcp: Add RFC4898 tcpEStatsPerfDataSegsOut/In	2016-03-14 14:55:26 -04:00
tcp_probe.c	net: ipv4: tcp_probe: Replace timespec with timespec64	2016-03-01 17:18:44 -05:00
tcp_recovery.c	tcp: use RACK to detect losses	2015-10-21 07:00:53 -07:00
tcp_scalable.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_timer.c	ipv4: Namespaceify tcp_orphan_retries sysctl knob	2016-02-07 14:35:11 -05:00
tcp_vegas.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_vegas.h
tcp_veno.c	tcp: add tcp_in_slow_start helper	2015-07-09 14:22:52 -07:00
tcp_westwood.c
tcp_yeah.c	tcp_yeah: don't set ssthresh below 2	2016-01-11 17:25:16 -05:00
tcp.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2016-03-19 10:05:34 -07:00
tunnel4.c
udp_diag.c	soreuseport: setsockopt SO_ATTACH_REUSEPORT_[CE]BPF	2016-01-04 22:49:59 -05:00
udp_impl.h
udp_offload.c	net: Reset encap_level to avoid resetting features on inner IP headers	2016-03-23 14:19:08 -04:00
udp_tunnel.c	tunnel: Clear IPCB(skb)->opt before dst_link_failure called	2016-02-23 19:11:56 -05:00
udp.c	ipv4: fix broadcast packets reception	2016-03-22 15:53:50 -04:00
udplite.c
xfrm4_input.c	netfilter: Pass net into okfn	2015-09-17 17:18:37 -07:00
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2015-10-24 06:54:12 -07:00
xfrm4_policy.c	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec	2015-12-22 16:26:31 -05:00
xfrm4_protocol.c
xfrm4_state.c
xfrm4_tunnel.c