projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3cfc9ec) | patch
netfilter: flowtable: validate pppoe header
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 9 Apr 2024 11:47:33 +0000 (13:47 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 11 Apr 2024 10:13:11 +0000 (12:13 +0200)
commit87b3593bed1868b2d9fe096c01bcdf0ea86cbebf
tree9664c43f10f6a39e0e47919b2e5774dac890cdactree | snapshot
parent3cfc9ec039af60dbd8965ae085b2c2ccdcfbe1cccommit | diff
netfilter: flowtable: validate pppoe header

Ensure there is sufficient room to access the protocol field of the
PPPoe header. Validate it once before the flowtable lookup, then use a
helper function to access protocol field.

Reported-by: syzbot+b6f07e1c07ef40199081@syzkaller.appspotmail.com
Fixes: 72efd585f714 ("netfilter: flowtable: add pppoe support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/netfilter/nf_flow_table.h diff | blob | history
net/netfilter/nf_flow_table_inet.c diff | blob | history
net/netfilter/nf_flow_table_ip.c diff | blob | history
ep93xx device tree rework repo: git://git.maquefel.me/linux.git