projects
/
linux-2.6-block.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
79578be
)
netfilter: nf_log: validate nf_logger_find_get()
author
Pablo Neira Ayuso
<pablo@netfilter.org>
Mon, 29 Jan 2024 19:24:25 +0000
(20:24 +0100)
committer
Florian Westphal
<fw@strlen.de>
Wed, 21 Feb 2024 10:57:11 +0000
(11:57 +0100)
Sanitize nf_logger_find_get() input parameters, no caller in the tree
passes invalid values.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
net/netfilter/nf_log.c
patch
|
blob
|
blame
|
history
diff --git
a/net/netfilter/nf_log.c
b/net/netfilter/nf_log.c
index e0bfeb75766ffa2ce00cd5205701a8746d613363..370f8231385cab3a0ddcfb44e4a7a4bbdcd78a38 100644
(file)
--- a/
net/netfilter/nf_log.c
+++ b/
net/netfilter/nf_log.c
@@
-156,6
+156,11
@@
int nf_logger_find_get(int pf, enum nf_log_type type)
struct nf_logger *logger;
int ret = -ENOENT;
+ if (pf >= ARRAY_SIZE(loggers))
+ return -EINVAL;
+ if (type >= NF_LOG_TYPE_MAX)
+ return -EINVAL;
+
if (pf == NFPROTO_INET) {
ret = nf_logger_find_get(NFPROTO_IPV4, type);
if (ret < 0)