subject:"\[PATCH nf\-next\] netfilter\: log\: Check param to avoid overflow in nf_log_set"

Re: [PATCH nf-next] netfilter: log: Check param to avoid overflow in nf_log_set

2016-08-29 Thread Pablo Neira Ayuso

On Sun, Aug 28, 2016 at 10:30:18PM +0800, f...@ikuai8.com wrote: > From: Gao Feng > > The nf_log_set is an interface function, so it should do the strict sanity > check of parameters. Add one sanity check for pf, it could not exceed > NFPROTO_NUMPROTO, and print error log when

Re: [PATCH nf-next] netfilter: log: Check param to avoid overflow in nf_log_set

2016-08-28 Thread Feng Gao

On Sun, Aug 28, 2016 at 10:30 PM, wrote: > From: Gao Feng > > The nf_log_set is an interface function, so it should do the strict sanity > check of parameters. Add one sanity check for pf, it could not exceed > NFPROTO_NUMPROTO, and print error log when pf is

[PATCH nf-next] netfilter: log: Check param to avoid overflow in nf_log_set

2016-08-28 Thread fgao

From: Gao Feng The nf_log_set is an interface function, so it should do the strict sanity check of parameters. Add one sanity check for pf, it could not exceed NFPROTO_NUMPROTO, and print error log when pf is invalid. Signed-off-by: Gao Feng ---