evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net
History
Florian Westphal 935e69ad82 netfilter: x_tables: fix unconditional helper 
Ben Hawkes says:

 In the mark_source_chains function (net/ipv4/netfilter/ip_tables.c) it
 is possible for a user-supplied ipt_entry structure to have a large
 next_offset field. This field is not bounds checked prior to writing a
 counter value at the supplied offset.

Problem is that mark_source_chains should not have been called --
the rule doesn't have a next entry, so its supposed to return
an absolute verdict of either ACCEPT or DROP.

However, the function conditional() doesn't work as the name implies.
It only checks that the rule is using wildcard address matching.

However, an unconditional rule must also not be using any matches
(no -m args).

The underflow validator only checked the addresses, therefore
passing the 'unconditional absolute verdict' test, while
mark_source_chains also tested for presence of matches, and thus
proceeeded to the next (not-existent) rule.

Unify this so that all the callers have same idea of 'unconditional rule'.

Reported-by: Ben Hawkes <hawkes@google.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Dennis Cagle <d-cagle@codeaurora.org>
Git-repo: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git
Git-commit: 54d83fc74aa9ec72794373cb47432c5f7fb1a309
(cherry picked from commit 54d83fc74aa9ec72794373cb47432c5f7fb1a309)
Change-Id: I425228695bd50751476ac6032f10e3b927825f35
2016-09-13 14:02:08 -07:00
..
6lowpan
9p
802
8021q
appletalk
atm
ax25 ax25: add link layer header validation function 2016-04-20 15:42:00 +09:00
batman-adv Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
bluetooth Merge remote-tracking branch 'msm-4.4/tmp-2bf7955' into msm-4.4 2016-07-22 16:45:32 -07:00
bridge Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
caif
can
ceph
core Merge "skb: printing port numbers with gso trace events" 2016-09-08 14:32:08 -07:00
dcb
dccp tcp/dccp: remove obsolete WARN_ON() in icmp handlers 2016-04-20 15:42:04 +09:00
decnet Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
dns_resolver
dsa
ethernet
hsr
ieee802154
ipc_router net: ipc_router: Fix remote port conn_info memory leak 2016-08-26 19:33:03 +05:30
ipv4 netfilter: x_tables: fix unconditional helper 2016-09-13 14:02:08 -07:00
ipv6 netfilter: x_tables: fix unconditional helper 2016-09-13 14:02:08 -07:00
ipx
irda
iucv
key
l2tp ipv6: l2tp: fix a potential issue in l2tp_ip6_recv 2016-04-20 15:42:06 +09:00
l3mdev
lapb
llc Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
mac80211 Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
mac802154
mpls mpls: find_outdev: check for err ptr in addition to NULL check 2016-04-20 15:42:07 +09:00
netfilter Merge "Replace %p with %pK to prevent leaking kernel address" 2016-09-02 13:52:46 -07:00
netlabel
netlink Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
netrom
nfc
openvswitch Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
packet Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
phonet
rds
rfkill Merge remote-tracking branch 'origin/tmp-917a9a9133a6' into lsk 2016-07-12 11:40:49 -07:00
rmnet_data net: rmnet_data: Define the skb recycle handler for transports 2016-09-12 14:05:12 -06:00
rose
rxrpc
sched Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
sctp sctp: lack the check for ports in sctp_v6_cmp_addr 2016-04-20 15:41:58 +09:00
sunrpc Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
switchdev
tipc tipc: Revert "tipc: use existing sk_write_queue for outgoing packet chain" 2016-04-20 15:41:58 +09:00
unix Revert "net: unix: Fix uninitialized warnings when building for ARCH=um" 2016-03-23 21:22:54 -07:00
vmw_vsock Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
wimax
wireless Merge "cfg80211: Add support for aborting an ongoing scan" 2016-09-11 09:04:05 -07:00
x25 Revert "Merge remote-tracking branch 'msm-4.4/tmp-510d0a3f' into msm-4.4" 2016-08-26 14:34:05 -07:00
xfrm net: Revert upstream changes which break routing in tunnel scenarios 2016-07-21 10:58:54 -06:00
compat.c
Kconfig Revert "net: activity_stats: Add statistics for network transmission activity" 2016-07-28 19:47:52 -07:00
Makefile Revert "net: activity_stats: Add statistics for network transmission activity" 2016-07-28 19:47:52 -07:00
socket.c Merge remote-tracking branch 'msm-4.4/tmp-2bf7955' into msm-4.4 2016-07-22 16:45:32 -07:00
sysctl_net.c