Re: net/sctp: stack-out-of-bounds in sctp_getsockopt

2016-03-23 Thread Baozeng
2016-03-24 1:38 GMT+08:00, Pablo Neira Ayuso : > On Thu, Mar 24, 2016 at 12:42:43AM +0800, Baozeng wrote: >> 2016-03-22 23:27 GMT+08:00 Eric Dumazet : >> > Untested patch would be : >> > >> > diff --git a/net/bridge/netfilter/ebtables.c >> > b/net/bridge/netfilter/ebtables.c >> > index 67b2e27999aa

Re: net/sctp: stack-out-of-bounds in sctp_getsockopt

2016-03-23 Thread Pablo Neira Ayuso
On Thu, Mar 24, 2016 at 12:42:43AM +0800, Baozeng wrote: > 2016-03-22 23:27 GMT+08:00 Eric Dumazet : > > Untested patch would be : > > > > diff --git a/net/bridge/netfilter/ebtables.c > > b/net/bridge/netfilter/ebtables.c > > index 67b2e27999aa..fceb7354d169 100644 > > --- a/net/bridge/netfilter/e

Re: net/sctp: stack-out-of-bounds in sctp_getsockopt

2016-03-23 Thread Eric Dumazet
On Thu, 2016-03-24 at 00:42 +0800, Baozeng wrote: > Thanks for your quick patch. I tested it but it still reproduces the > bug. We should limit the length of the name, > not the prefix. The following patch fixes it. > > diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c

Re: net/sctp: stack-out-of-bounds in sctp_getsockopt

2016-03-23 Thread Baozeng
2016-03-22 23:27 GMT+08:00 Eric Dumazet : > > On Tue, 2016-03-22 at 08:21 -0700, Eric Dumazet wrote: > > On Tue, 2016-03-22 at 23:08 +0800, Baozeng Ding wrote: > > > Hi all, > > > > > > The following program triggers an out-of-bounds bug in > > > sctp_getsockopt. The kernel version is 4.5 (on Mar 1

Re: net/sctp: stack-out-of-bounds in sctp_getsockopt

2016-03-22 Thread Eric Dumazet
On Tue, 2016-03-22 at 08:21 -0700, Eric Dumazet wrote: > On Tue, 2016-03-22 at 23:08 +0800, Baozeng Ding wrote: > > Hi all, > > > > The following program triggers an out-of-bounds bug in > > sctp_getsockopt. The kernel version is 4.5 (on Mar 16 > > commit 09fd671ccb2475436bd5f597f751ca4a7d177aea).