git.osdn.net Git - tomoyo/tomoyo-test1.git/commit

(root) / tomoyo / tomoyo-test1.git / commit

author	Florian Westphal <fw@strlen.de>
	Mon, 5 Sep 2022 10:09:37 +0000 (12:09 +0200)
committer	David S. Miller <davem@davemloft.net>
	Wed, 7 Sep 2022 11:33:44 +0000 (12:33 +0100)
commit	e7af210e6dd0de633d3f4850383310cf57473bc8
tree	98c5caf15be26c3223112d743687ef49bdd37e06	tree \| snapshot
parent	08724ef69907214ce622344fe4945412e38368f0	commit \| diff

netfilter: nft_payload: reject out-of-range attributes via policy

Now that nla_policy allows range checks for bigendian data make use of
this to reject such attributes. At this time, reject happens later
from the init or select_ops callbacks, but its prone to errors.

In the future, new attributes can be handled via NLA_POLICY_MAX_BE
and exiting ones can be converted one by one.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/netfilter/nft_payload.c

diff | blob | history

This is a test repository.

RSS Atom

About OSDN

Find Software

Develop Software

Help