Eric Dumazet wrote:
>
>
> On 03/08/2018 04:24 PM, Florian Westphal wrote:
> >Eric Dumazet wrote:
> >>>Fixes: c4585a2823edf ("bridge: ebt_among: add missing match size checks")
> >>>Reported-by:
> >>>Signed-off-by: Florian Westphal
> >>>---
> >>> net/bridge/netfilter/ebt_among.c | 35
On 03/08/2018 04:24 PM, Florian Westphal wrote:
Eric Dumazet wrote:
Fixes: c4585a2823edf ("bridge: ebt_among: add missing match size checks")
Reported-by:
Signed-off-by: Florian Westphal
---
net/bridge/netfilter/ebt_among.c | 35 +++
1 file changed, 35 ins
Eric Dumazet wrote:
> >Fixes: c4585a2823edf ("bridge: ebt_among: add missing match size checks")
> >Reported-by:
> >Signed-off-by: Florian Westphal
> >---
> > net/bridge/netfilter/ebt_among.c | 35 +++
> > 1 file changed, 35 insertions(+)
> >
> >diff --git a/net/
On 03/08/2018 02:24 PM, Florian Westphal wrote:
ebt_among is special, it has a dynamic match size and is exempt
from the central size checks.
commit c4585a2823edf ("bridge: ebt_among: add missing match size checks")
added validation for pool size, but missed fact that the macros
ebt_among_wh_s
ebt_among is special, it has a dynamic match size and is exempt
from the central size checks.
commit c4585a2823edf ("bridge: ebt_among: add missing match size checks")
added validation for pool size, but missed fact that the macros
ebt_among_wh_src/dst can already return out-of-bound result becaus
