Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4a6dd664 authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: ipset: fix netiface set name overflow 



attribute is copied to IFNAMSIZ-size stack variable,
but IFNAMSIZ is smaller than IPSET_MAXNAMELEN.

Fortunately nfnetlink needs CAP_NET_ADMIN.

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Acked-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 194d9831

net/netfilter/ipset/ip_set_hash_netiface.c

+1 −1
Original line number Diff line number Diff line
@@ -793,7 +793,7 @@ static struct ip_set_type hash_netiface_type __read_mostly = { 
		[IPSET_ATTR_IP]		= { .type = NLA_NESTED },

		[IPSET_ATTR_IP_TO]	= { .type = NLA_NESTED },

		[IPSET_ATTR_IFACE]	= { .type = NLA_NUL_STRING,

					    .len = IPSET_MAXNAMELEN - 1 },

					    .len  = IFNAMSIZ - 1 },

		[IPSET_ATTR_CADT_FLAGS]	= { .type = NLA_U32 },

		[IPSET_ATTR_CIDR]	= { .type = NLA_U8 },

		[IPSET_ATTR_TIMEOUT]	= { .type = NLA_U32 },