On Fri, Mar 9, 2018 at 1:59 PM, syzbot
wrote:
> Hello,
>
> syzbot hit the following crash on net-next commit
> 617aebe6a97efa539cc4b8a52adccd89596e6be0 (Sun Feb 4 00:25:42 2018 +)
> Merge tag 'usercopy-v4.16-rc1' of
>
On Fri, Mar 9, 2018 at 2:58 PM, Eric Dumazet wrote:
>
>
> On 03/09/2018 02:56 PM, Eric Dumazet wrote:
>
>>
>> I sent a patch a while back, but Pablo/Florian wanted more than that
>> simple fix.
>>
>> We also need to filter special characters like '/'
proc_create_data()
On 03/09/2018 02:48 PM, Cong Wang wrote:
On Fri, Mar 9, 2018 at 1:59 PM, syzbot
wrote:
Hello,
syzbot hit the following crash on net-next commit
617aebe6a97efa539cc4b8a52adccd89596e6be0 (Sun Feb 4 00:25:42 2018 +)
Merge tag
Cong Wang wrote:
> On Fri, Mar 9, 2018 at 2:58 PM, Eric Dumazet wrote:
> >
> >
> > On 03/09/2018 02:56 PM, Eric Dumazet wrote:
> >
> >>
> >> I sent a patch a while back, but Pablo/Florian wanted more than that
> >> simple fix.
> >>
> >> We also
On 03/09/2018 02:56 PM, Eric Dumazet wrote:
I sent a patch a while back, but Pablo/Florian wanted more than that
simple fix.
We also need to filter special characters like '/'
Or maybe I am mixing with something else.
Yes, Florian mentioned that we also had to reject "." and ".."
--
recent and hashlimit both create /proc files, but only check that
name is 0 terminated.
This can trigger WARN() from procfs when name is "" or "/".
Add helper for this and then use it for both.
Cc: Eric Dumazet
Reported-by: Eric Dumazet
Eric Dumazet wrote:
> >>fs/proc/generic.c:354
> >
> >We need to reject empty names.
> >
>
> I sent a patch a while back, but Pablo/Florian wanted more than that simple
> fix.
>
> We also need to filter special characters like '/'
>
> Or maybe I am mixing with something
On 03/09/2018 03:05 PM, Cong Wang wrote:
BTW, the warning itself is all about empty names, so perhaps
it's better to fix them separately.
Huh ? You want more syzbot reports ? I do not.
I unblocked this report today [1], you can be sure that as soon
as syzbot gets the correct tag
On Fri, Mar 9, 2018 at 3:21 PM, Eric Dumazet wrote:
>
>
> On 03/09/2018 03:05 PM, Cong Wang wrote:
>>
>>
>> BTW, the warning itself is all about empty names, so perhaps
>> it's better to fix them separately.
>
>
> Huh ? You want more syzbot reports ? I do not.
I always
On 03/09/2018 03:32 PM, Cong Wang wrote:
On Fri, Mar 9, 2018 at 3:21 PM, Eric Dumazet wrote:
On 03/09/2018 03:05 PM, Cong Wang wrote:
BTW, the warning itself is all about empty names, so perhaps
it's better to fix them separately.
Huh ? You want more syzbot
Signed-off-by: Pablo Neira Ayuso
---
include/linux/netfilter/nf_tables.h | 12 ++--
src/expr/ct.c | 6 +-
2 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/include/linux/netfilter/nf_tables.h
Signed-off-by: Pablo Neira Ayuso
---
include/ct.h| 3 +--
include/linux/netfilter/nf_tables.h | 12 ++--
src/ct.c| 21 +++--
src/evaluate.c | 2 +-
src/netlink_delinearize.c
Stéphane Veyret wrote:
> Hi,
>
> I saw that patches have been written some years ago for port
> triggering in Netfilter, but no such feature is currently available in
> the kernel. Is there any reason for that? If I write and submit such a
> patch as Xtables-addons module,
Pablo Neira Ayuso wrote:
> All existing keys, except the NFT_CT_SRC and NFT_CT_DST are assumed to
> have strict datatypes. This is causing problems with sets and
> concatenations given the specific length of these keys is not known.
Acked-by: Florian Westphal
All existing keys, except the NFT_CT_SRC and NFT_CT_DST are assumed to
have strict datatypes. This is causing problems with sets and
concatenations given the specific length of these keys is not known.
Signed-off-by: Pablo Neira Ayuso
---
@Florian: I know we've been trying
Hi,
Please tell me if my message was posted in the wrong place, or if I
don't use the right title convention…
Thank you,
--
Bien cordialement, / Plej kore,
Stéphane Veyret
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to
ebt_among is special, it has a dynamic match size and is exempt
from the central size checks.
commit c4585a2823edf ("bridge: ebt_among: add missing match size checks")
added validation for pool size, but missed fact that the macros
ebt_among_wh_src/dst can already return out-of-bound result
On 03/09/2018 02:03 AM, Florian Westphal wrote:
ebt_among is special, it has a dynamic match size and is exempt
from the central size checks.
commit c4585a2823edf ("bridge: ebt_among: add missing match size checks")
added validation for pool size, but missed fact that the macros
ebt_among is special, it has a dynamic match size and is exempt
from the central size checks.
commit c4585a2823edf ("bridge: ebt_among: add missing match size checks")
added validation for pool size, but missed fact that the macros
ebt_among_wh_src/dst can already return out-of-bound result
Fetch object, chain and set handles and with '-a' option and then delete
them.
Signed-off-by: Harsha Sharma
---
tests/shell/testcases/chains/0016delete_handle_0 | 20 ++-
.../testcases/optionals/delete_object_handles_0| 39 --
On Thu, Mar 08, 2018 at 10:16:13PM +0530, Harsha Sharma wrote:
> Print handles in this way:
>
> table ip filter { # handle 2
> }
> Similarly, for chain, set and object handles
Applied, thanks Harsha.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a
On 03/09/2018 05:27 AM, Florian Westphal wrote:
ebt_among is special, it has a dynamic match size and is exempt
from the central size checks.
commit c4585a2823edf ("bridge: ebt_among: add missing match size checks")
added validation for pool size, but missed fact that the macros
On Wed, Mar 07, 2018 at 10:51:10PM +0100, Laura Garcia Liebana wrote:
> Complete the automated shell tests with the verification of
> the test file dump, only for positive tests and if the test
> execution was successful.
>
> It's able to generate the dump file with the -g option.
> Example:
>
>
On Fri, Mar 09, 2018 at 07:52:28PM +0530, Harsha Sharma wrote:
> Fetch object, chain and set handles and with '-a' option and then delete
> them.
Applied, thanks Harsha.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to
24 matches
Mail list logo