subject:"\[PATCH\] netfilter\: fix int overflow in xt_alloc_table

Re: [PATCH] netfilter: fix int overflow in xt_alloc_table_info()

2018-01-06 Thread Pablo Neira Ayuso

On Thu, Dec 28, 2017 at 09:48:54AM +0100, Dmitry Vyukov wrote: > syzkaller triggered OOM kills by passing ipt_replace.size = -1 > to IPT_SO_SET_REPLACE. The root cause is that SMP_ALIGN() in > xt_alloc_table_info() causes int overflow and the size check passes > when it should not. SMP_ALIGN() is n

Re: [PATCH] netfilter: fix int overflow in xt_alloc_table_info()

2018-01-06 Thread Dmitry Vyukov

On Thu, Dec 28, 2017 at 9:48 AM, Dmitry Vyukov wrote: > syzkaller triggered OOM kills by passing ipt_replace.size = -1 > to IPT_SO_SET_REPLACE. The root cause is that SMP_ALIGN() in > xt_alloc_table_info() causes int overflow and the size check passes > when it should not. SMP_ALIGN() is no longer

[PATCH] netfilter: fix int overflow in xt_alloc_table_info()

2017-12-28 Thread Dmitry Vyukov

syzkaller triggered OOM kills by passing ipt_replace.size = -1 to IPT_SO_SET_REPLACE. The root cause is that SMP_ALIGN() in xt_alloc_table_info() causes int overflow and the size check passes when it should not. SMP_ALIGN() is no longer needed leftover. Remove SMP_ALIGN() call in xt_alloc_table_in

Re: [PATCH] netfilter: fix int overflow in xt_alloc_table_info()

Re: [PATCH] netfilter: fix int overflow in xt_alloc_table_info()

[PATCH] netfilter: fix int overflow in xt_alloc_table_info()

3 matches

Site Navigation

Mail list logo

Footer information