linux/net/netfilter/ipset
Kyle Zeng 050d91c03b netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can
lead to the use of wrong `CIDR_POS(c)` for calculating array offsets,
which can lead to integer underflow. As a result, it leads to slab
out-of-bound access.
This patch adds back the IP_SET_HASH_WITH_NET0 macro to
ip_set_hash_netportnet to address the issue.

Fixes: 886503f34d ("netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net")
Suggested-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Kyle Zeng <zengyhkyle@gmail.com>
Acked-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
2023-09-06 18:09:12 +02:00
..
ip_set_bitmap_gen.h netfilter: ipset: use bitmap infrastructure completely 2020-01-20 17:41:45 +01:00
ip_set_bitmap_ip.c netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. 2023-01-11 19:18:04 +01:00
ip_set_bitmap_ipmac.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_bitmap_port.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_core.c netfilter: ipset: refactor deprecated strncpy 2023-08-22 15:13:20 +02:00
ip_set_getport.c netfilter: ipset: move ip_set_get_ip_port() to ip_set_bitmap_port.c. 2019-10-07 23:59:02 +02:00
ip_set_hash_gen.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next 2022-12-12 14:45:36 -08:00
ip_set_hash_ip.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipmac.c netfilter: ipset: Expose the initval hash parameter to userspace 2020-10-31 11:55:38 +01:00
ip_set_hash_ipmark.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipport.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipportip.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipportnet.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_mac.c netfilter: ipset: Expose the initval hash parameter to userspace 2020-10-31 11:55:38 +01:00
ip_set_hash_net.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netiface.c netfilter: ipset: Replace strlcpy with strscpy 2023-06-20 13:35:37 -07:00
ip_set_hash_netnet.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netport.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netportnet.c netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c 2023-09-06 18:09:12 +02:00
ip_set_list_set.c treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
Kconfig net: Kconfig: fix spellos 2023-01-25 22:39:56 -08:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pfxlen.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00