aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2018-11-01 17:57:55 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2018-12-15 12:50:06 +0100
commit52a82ce3dd901a1536c7d7d9d963e9c2d761c816 (patch)
tree79020fb59420fcea7bdc4b12272f7251e101fe64 /target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
parenta272af75cd8c67d265400f96c1e6bb172315c23c (diff)
downloadupstream-52a82ce3dd901a1536c7d7d9d963e9c2d761c816.tar.gz
upstream-52a82ce3dd901a1536c7d7d9d963e9c2d761c816.tar.bz2
upstream-52a82ce3dd901a1536c7d7d9d963e9c2d761c816.zip
kernel: Copy patches from kernel 4.14 to 4.19
This just copies the files from the kernel 4.14 specific folders into the kernel 4.19 specific folder, no changes are done to the files in this commit. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch')
-rw-r--r--target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch b/target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
new file mode 100644
index 0000000000..d140a33518
--- /dev/null
+++ b/target/linux/generic/backport-4.19/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
@@ -0,0 +1,30 @@
+From: Hangbin Liu <liuhangbin@gmail.com>
+Date: Mon, 25 Dec 2017 11:34:54 +0800
+Subject: [PATCH] netfilter: nf_tables: fix potential NULL-ptr deref in
+ nf_tables_dump_obj_done()
+
+If there is no NFTA_OBJ_TABLE and NFTA_OBJ_TYPE, the c.data will be NULL in
+nf_tables_getobj(). So before free filter->table in nf_tables_dump_obj_done(),
+we need to check if filter is NULL first.
+
+Fixes: e46abbcc05aa ("netfilter: nf_tables: Allow table names of up to 255 chars")
+Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
+Acked-by: Phil Sutter <phil@nwl.cc>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+
+--- a/net/netfilter/nf_tables_api.c
++++ b/net/netfilter/nf_tables_api.c
+@@ -5330,8 +5330,10 @@ static int nf_tables_dump_flowtable_done
+ if (!filter)
+ return 0;
+
+- kfree(filter->table);
+- kfree(filter);
++ if (filter) {
++ kfree(filter->table);
++ kfree(filter);
++ }
+
+ return 0;
+ }
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-21 04:39:42 +0000