git.osdn.net Git - tomoyo/tomoyo-test1.git/commit

(root) / tomoyo / tomoyo-test1.git / commit

author	Jay Elliott <jelliott@arista.com>
	Wed, 15 Nov 2017 23:01:13 +0000 (15:01 -0800)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 28 Nov 2017 00:17:04 +0000 (01:17 +0100)
commit	8b1836c4b64386e9bc580438cae386ed31a43ab9
tree	0d4f9364bc5ef3f6fbf1ed9ac464262b632f9ffd	tree \| snapshot
parent	fbcd253d2448b8f168241e38f629a36c4c8c1e94	commit \| diff

netfilter: conntrack: clamp timeouts to INT_MAX

When the conntracking code multiplies a timeout by HZ, it can overflow
from positive to negative; this causes it to instantly expire. To
protect against this the multiplication is done in 64-bit so we can
prevent it from exceeding INT_MAX.

Signed-off-by: Jay Elliott <jelliott@arista.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/netfilter/nf_conntrack_netlink.c

diff | blob | history

This is a test repository.

RSS Atom

About OSDN

Find Software

Develop Software

Help