From patchwork Wed Aug 10 15:31:52 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: nevola X-Patchwork-Id: 657867 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3s8h2f4L65z9sXy for ; Thu, 11 Aug 2016 05:26:02 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=W3d0P6T1; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935431AbcHJTZr (ORCPT ); Wed, 10 Aug 2016 15:25:47 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:34861 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933631AbcHJTZp (ORCPT ); Wed, 10 Aug 2016 15:25:45 -0400 Received: by mail-wm0-f67.google.com with SMTP id i5so11485698wmg.2 for ; Wed, 10 Aug 2016 12:25:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=9OK/TqofOJHmvtD7zoOCSQKOnZ5HjYhH3tq2k0Id03M=; b=W3d0P6T1gWA3L1tbar+mq2Ue1XpuHIAUfw2m8seplow13SMYohh8iaKbhqU20NvR8u kzmpMG4aRxYjPLz3hcFlnWWPGXE8IBP+3a05+oyLFjmkrq72/IvargDFe8FxD7JZKHHg hEKErYv47DDeWQSRvj+QrEHTG3OLwmV7FISEMmaD7oQ2vsyGdTgHuefpeYDhoELCHD6H xD/Uvit1QY1FoQzT2QgJC5uKTF7nKBdOf6SlEpzkLVfFNYTHCu5b3nE29ViEItSKjEmF yVP8NMuBV1AhpIHZeWGozzXbVPW1i06NWy3+E/DYQ16BqHNFhq/uH6rk0o62Jn8dHYJ1 aauA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=9OK/TqofOJHmvtD7zoOCSQKOnZ5HjYhH3tq2k0Id03M=; b=YIW1FrpAq4dHFKPtNi6fzP5D3PifGA37eCLFppKoZi6ue4dgc0se0Z6CbXM4yxzV5C /dsjIc7vaiaUz1uJKmLq1DZNgj6ycs50owvfN43wRuzAdJuOhHnrYpS3YlbC6I16KQ6V hKSz0pLbCg+uzjxijfl5ch6zUJmTrCMa7UIK/tQKHAFDTLu9c1X9alZVyif+EHEENoXe 8ovfAEEmlmZkksZsC8g2eQpoWRgL9ts/U/lry9pyX17+yO+RgcOmmcq0Bmvxs3meM9mD B4pV179uLRBz8SvI1NMldMnr3fJzVo/efDiLmjDqIW8pKQLuNOeQYpE2qGzSN5BECHp6 icLg== X-Gm-Message-State: AEkoouvYBAae9F7+CfEbrIHohWybbS4uQhT9Vf72V8U4X+O/KeNPT+L4uPjXYa3cxGxOGw== X-Received: by 10.28.51.21 with SMTP id z21mr4175475wmz.24.1470843114759; Wed, 10 Aug 2016 08:31:54 -0700 (PDT) Received: from sonyv (cli-5b7e49a2.wholesale.adamo.es. [91.126.73.162]) by smtp.gmail.com with ESMTPSA id 190sm8906895wmk.13.2016.08.10.08.31.53 for (version=TLS1_2 cipher=AES128-SHA bits=128/128); Wed, 10 Aug 2016 08:31:54 -0700 (PDT) Date: Wed, 10 Aug 2016 17:31:52 +0200 From: Laura Garcia Liebana To: netfilter-devel@vger.kernel.org Subject: [PATCH 4/5] netfilter: nf_tables: Check u32 load in u8 nft_immediate attribute Message-ID: <13f03298fe8c42993a4a56c3a2fe70cc67bd6bd5.1470842571.git.nevola@gmail.com> References: MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Fix the direct assignment from u32 data input into the dlen attribute with a size of u8. Signed-off-by: Laura Garcia Liebana --- net/netfilter/nft_immediate.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/netfilter/nft_immediate.c b/net/netfilter/nft_immediate.c index db3b746..6de590c 100644 --- a/net/netfilter/nft_immediate.c +++ b/net/netfilter/nft_immediate.c @@ -53,6 +53,9 @@ static int nft_immediate_init(const struct nft_ctx *ctx, tb[NFTA_IMMEDIATE_DATA]); if (err < 0) return err; + + if (desc.len > U8_MAX) + return -EINVAL; priv->dlen = desc.len; priv->dreg = nft_parse_register(tb[NFTA_IMMEDIATE_DREG]);