Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2218730/?format=api
{ "id": 2218730, "url": "http://patchwork.ozlabs.org/api/patches/2218730/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260401195735.564488-1-xmei5@asu.edu/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260401195735.564488-1-xmei5@asu.edu>", "list_archive_url": null, "date": "2026-04-01T19:57:35", "name": "[net] netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "9ca18462ef29d4faa13beb77017d9bcf26e0ba3b", "submitter": { "id": 93033, "url": "http://patchwork.ozlabs.org/api/people/93033/?format=api", "name": "Xiang Mei", "email": "xmei5@asu.edu" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260401195735.564488-1-xmei5@asu.edu/mbox/", "series": [ { "id": 498381, "url": "http://patchwork.ozlabs.org/api/series/498381/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=498381", "date": "2026-04-01T19:57:35", "name": "[net] netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/498381/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2218730/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2218730/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <netfilter-devel+bounces-11574-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=asu.edu header.i=@asu.edu header.a=rsa-sha256\n header.s=google header.b=STdnQ0+l;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.105.105.114; helo=tor.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-11574-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=asu.edu header.i=@asu.edu\n header.b=\"STdnQ0+l\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=74.125.82.42", "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=asu.edu", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=asu.edu" ], "Received": [ "from tor.lore.kernel.org (tor.lore.kernel.org [172.105.105.114])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fmG4R5RfTz1xtJ\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 02 Apr 2026 06:57:59 +1100 (AEDT)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id 08001303EE8A\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 1 Apr 2026 19:57:57 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 76B843446DE;\n\tWed, 1 Apr 2026 19:57:55 +0000 (UTC)", "from mail-dl1-f42.google.com (mail-dl1-f42.google.com\n [74.125.82.42])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id C9EEB2F90E0\n\tfor <netfilter-devel@vger.kernel.org>; Wed, 1 Apr 2026 19:57:53 +0000 (UTC)", "by mail-dl1-f42.google.com with SMTP id\n a92af1059eb24-1271195d2a7so695509c88.0\n for <netfilter-devel@vger.kernel.org>;\n Wed, 01 Apr 2026 12:57:53 -0700 (PDT)", "from p1.scai.dhcp.asu.edu (209-147-138-15.nat.asu.edu.\n [209.147.138.15])\n by smtp.gmail.com with ESMTPSA id\n a92af1059eb24-12bed93f861sm1540852c88.0.2026.04.01.12.57.52\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Wed, 01 Apr 2026 12:57:52 -0700 (PDT)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1775073475; cv=none;\n b=dvlC7ACtqUwgzSU1bchfExUYXIhF3dL67D/y5g8K0vHpIA807U+tbqRO9ZosZdj4Esg38hcKbagIy1XaQT/6lYfI2LT8ERqi0omuzt/h4jZ4KrF5PD+VWB6VEQl1Jn2k3Q1XDju4D/C8n6H+ZTlV9fjJwJqZznf8hGRMwwOBr4A=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1775073475; c=relaxed/simple;\n\tbh=unEbOdgeG11Dld7ycx+4oWww6aKqjFlb3XITUjj8xJg=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=uwmyB2a3SXIMYP6o82tTY6iYRaKUeMbWlrJAkGZyAC+MsSWCEV558Oe96xcE8iT3VNqjzYLvw7yO4wV9lFWszoTdkvDBL2I4tsSE0UsOUDpBO+4vrQZ5lrbswDUui7R9QsRsowmmgCbYuSEUIiZHH25jNYysb3AP7dviLvH63EA=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=asu.edu;\n spf=pass smtp.mailfrom=asu.edu;\n dkim=pass (2048-bit key) header.d=asu.edu header.i=@asu.edu\n header.b=STdnQ0+l; arc=none smtp.client-ip=74.125.82.42", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=asu.edu; s=google; t=1775073473; x=1775678273; darn=vger.kernel.org;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:from:to:cc:subject:date:message-id:reply-to;\n bh=aeITYxK34c/QDzcWz7FhrmR9ZS2GxFl1Q0wwk/XvrR0=;\n b=STdnQ0+lWiocYIJyVmuvCHrqzSz+dRo/lEVN1klQ30ZmXgXbjqOdItypPfyMrslnse\n n5wfRZXHt4fcHY8lAfy3UfBaB83h3vftY4vj4fE1OgXwpSycNgZAkmMJSFzRr3LLszxa\n xVKBM2uh+Vz3N7l9gQJve27K0xMU71vasEXpE9EvjWHR0gnAJrfVr+YhiuaICMOELYRm\n aVVNKHNdc9tR1wM10UA5YKQomrudAgDL+DDtycDIyNyCUWxFD65U9H6UfZP5OT9GfUgC\n vDv0P49q/3Z/ot5q66fnTPM1xnKlli+VsDiia+ONNzoLPaqxnsmojLqnSmzZXp5D41U8\n 2biw==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1775073473; x=1775678273;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=aeITYxK34c/QDzcWz7FhrmR9ZS2GxFl1Q0wwk/XvrR0=;\n b=JlvnvbFTT5QeIAap79xVcngz27BaQIhN0bGuUrzreLKnQBcexKALk3uAve3AU1yON/\n uiqQBZjdcwDXFyeRehAslSgBovZTx/babVTatoZ+O9hu8AmUjRfmlGfI641kYUEsknNJ\n Jqw3TKZjmxh8WKRJH9539iVuCZYy+CWijKOIUud6Nbp1USQH8inhuxZIyzb7oB8DiKPo\n iszmrKYryDmMJJjtFUxC+J1rgsgTGAwn91rvWTEyl8wchT5RBVUKfrhmojwI2t/DiiQv\n PBhVxJ5kpUxtXGQBVOLBRo4fx7wYPL1SyNYoctarr16atcaGk3nkRzL5VMcDXLd9HfXn\n 0zvg==", "X-Gm-Message-State": "AOJu0Yz9FDIVmmuFFE9H+RRSsouuVKZNzhBXa77DA5mGpL376vztaot5\n\t+8v2ODwvLsesbYtymQs+C+OE8teqbpB0M52o5eKQBbujB7lcMZl11AHOu0xlBq3Cz6XswSCDBB6\n\t74xFaPTYY", "X-Gm-Gg": "ATEYQzz3pjzkaIXpQsrfRKSgwiMdgaqmwLROrFOMsLvxqK1gREqYRp002At/J+UWImC\n\tYjIG3Adu9YUVbIyzjpPzsIQwWGt0ncRd1C7V24J0TBgol2Fr1DTUz6DrL6gmIEtdE4WNBDPVhZj\n\tYaRN19LXgTIKVyA1MHyx+Y8ZsUjoywr+ifXIvkVP26hR/CCXGiMh6t/sulBMd3FhKYP4QW1h2ji\n\tTAcTLZjg//tTVUCIr0fmZBit+MAcX7Rijxk9uuuvOX0iow+FF4mSLEo0wA/t5FghhyjzLBtCsMV\n\t60k4fC2iMvnOHLHhtKzZfzBxG/NUbtymf7Ws5ZPG598LiXpwjCU/YkMJNCX+NnlcXg0Il6AdaEX\n\tQ7eVpsYffJbFInc6CadTS6M/AxkSHYLFB7xhYrj4wEe6FvRGpLVKr8uJZkXSpX/+uNPcNT1MTsy\n\tfB7ahqLsMrDVqbATYm5stQ7+1FI8qE5bNjIpcMy9E1Rlsl6r7oarEkrw==", "X-Received": "by 2002:a05:7022:fd07:b0:12b:ed30:5b85 with SMTP id\n a92af1059eb24-12bed305f94mr912158c88.2.1775073472682;\n Wed, 01 Apr 2026 12:57:52 -0700 (PDT)", "From": "Xiang Mei <xmei5@asu.edu>", "To": "netfilter-devel@vger.kernel.org", "Cc": "pablo@netfilter.org,\n\tfw@strlen.de,\n\tphil@nwl.cc,\n\tdavem@davemloft.net,\n\teric@inl.fr,\n\tcoreteam@netfilter.org,\n\tnetdev@vger.kernel.org,\n\tbestswngs@gmail.com,\n\tXiang Mei <xmei5@asu.edu>", "Subject": "[PATCH net] netfilter: nfnetlink_log: initialize nfgenmsg in\n NLMSG_DONE terminator", "Date": "Wed, 1 Apr 2026 12:57:35 -0700", "Message-ID": "<20260401195735.564488-1-xmei5@asu.edu>", "X-Mailer": "git-send-email 2.43.0", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit" }, "content": "When batching multiple NFLOG messages (inst->qlen > 1), __nfulnl_send()\nappends an NLMSG_DONE terminator with sizeof(struct nfgenmsg) payload via\nnlmsg_put(), but never initializes the nfgenmsg bytes. The nlmsg_put()\nhelper only zeroes alignment padding after the payload, not the payload\nitself, so four bytes of stale kernel heap data are leaked to userspace\nin the NLMSG_DONE message body.\n\nInitialize the nfgenmsg struct after nlmsg_put(), consistent with how\n__build_packet_message() populates nfgenmsg for regular NFULNL_MSG_PACKET\nmessages, to prevent leaking kernel heap data to userspace.\n\nFixes: 29c5d4afba51 (\"[NETFILTER]: nfnetlink_log: fix sending of multipart messages\")\nReported-by: Weiming Shi <bestswngs@gmail.com>\nSigned-off-by: Xiang Mei <xmei5@asu.edu>\n---\n net/netfilter/nfnetlink_log.c | 5 +++++\n 1 file changed, 5 insertions(+)", "diff": "diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c\nindex fcbe54940b2e..ad4eaf27590e 100644\n--- a/net/netfilter/nfnetlink_log.c\n+++ b/net/netfilter/nfnetlink_log.c\n@@ -361,6 +361,7 @@ static void\n __nfulnl_send(struct nfulnl_instance *inst)\n {\n \tif (inst->qlen > 1) {\n+\t\tstruct nfgenmsg *nfmsg;\n \t\tstruct nlmsghdr *nlh = nlmsg_put(inst->skb, 0, 0,\n \t\t\t\t\t\t NLMSG_DONE,\n \t\t\t\t\t\t sizeof(struct nfgenmsg),\n@@ -370,6 +371,10 @@ __nfulnl_send(struct nfulnl_instance *inst)\n \t\t\tkfree_skb(inst->skb);\n \t\t\tgoto out;\n \t\t}\n+\t\tnfmsg = nlmsg_data(nlh);\n+\t\tnfmsg->nfgen_family = AF_UNSPEC;\n+\t\tnfmsg->version = NFNETLINK_V0;\n+\t\tnfmsg->res_id = htons(inst->group_num);\n \t}\n \tnfnetlink_unicast(inst->skb, inst->net, inst->peer_portid);\n out:\n", "prefixes": [ "net" ] }