subject:"\[PATCH 1\/5\] netfilter\: x_tables\: validate e\->target_offset early"

Re: [PATCH 1/5] netfilter: x_tables: validate e->target_offset early

2016-03-24 Thread Pablo Neira Ayuso

On Tue, Mar 22, 2016 at 06:02:49PM +0100, Florian Westphal wrote: > We should check that e->target_offset is sane before > mark_source_chains gets called since it will fetch the target entry > for loop detection. Applied, thanks Florian. -- To unsubscribe from this list: send the line

[PATCH 1/5] netfilter: x_tables: validate e->target_offset early

2016-03-22 Thread Florian Westphal

We should check that e->target_offset is sane before mark_source_chains gets called since it will fetch the target entry for loop detection. Signed-off-by: Florian Westphal --- net/ipv4/netfilter/arp_tables.c | 17 - net/ipv4/netfilter/ip_tables.c | 17