Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-14 16:12:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
9ea4b476ce
linux/net/netfilter/ipset
History
Gavrilov Ilia 9ea4b476ce netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. 
When first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of
an arithmetic expression 2 << (netmask - mask_bits - 1) is subject
to overflow due to a failure casting operands to a larger data type
before performing the arithmetic.

Note that it's harmless since the value will be checked at the next step.

Found by InfoTeCS on behalf of Linux Verification Center
(linuxtesting.org) with SVACE.

Fixes: b9fed74818 ("netfilter: ipset: Check and reject crazy /0 input parameters")
Signed-off-by: Ilia.Gavrilov <Ilia.Gavrilov@infotecs.ru>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-01-11 19:18:04 +01:00
..
ip_set_bitmap_gen.h netfilter: ipset: use bitmap infrastructure completely 2020-01-20 17:41:45 +01:00
ip_set_bitmap_ip.c netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. 2023-01-11 19:18:04 +01:00
ip_set_bitmap_ipmac.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_bitmap_port.c netfilter: ipset: call ip_set_free() instead of kfree() 2020-06-30 19:09:56 +02:00
ip_set_core.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_getport.c netfilter: ipset: move ip_set_get_ip_port() to ip_set_bitmap_port.c. 2019-10-07 23:59:02 +02:00
ip_set_hash_gen.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next 2022-12-12 14:45:36 -08:00
ip_set_hash_ip.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipmac.c netfilter: ipset: Expose the initval hash parameter to userspace 2020-10-31 11:55:38 +01:00
ip_set_hash_ipmark.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipport.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipportip.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_ipportnet.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_mac.c netfilter: ipset: Expose the initval hash parameter to userspace 2020-10-31 11:55:38 +01:00
ip_set_hash_net.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netiface.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netnet.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netport.c netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-02 15:10:05 +01:00
ip_set_hash_netportnet.c netfilter: ipset: fix hash:net,port,net hang with /0 subnet 2023-01-02 15:09:02 +01:00
ip_set_list_set.c treewide: Convert del_timer*() to timer_shutdown*() 2022-12-25 13:38:09 -08:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pfxlen.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00