
Commit eaa2bcd6 authored by Phil Turnbull, committed by Pablo Neira Ayuso

netfilter: nf_tables: validate NFTA_SET_TABLE parameter



If the NFTA_SET_TABLE parameter is missing and the NLM_F_DUMP flag is
not set, then a NULL pointer dereference is triggered in
nf_tables_set_lookup because ctx.table is NULL.

Signed-off-by: Phil Turnbull <phil.turnbull@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
parent 83170f3b
+2 −0
@@ -2641,6 +2641,8 @@ static int nf_tables_getset(struct net *net, struct sock *nlsk,
	/* Only accept unspec with dump */
	if (nfmsg->nfgen_family == NFPROTO_UNSPEC)
		return -EAFNOSUPPORT;
	if (!nla[NFTA_SET_TABLE])
		return -EINVAL;

	set = nf_tables_set_lookup(ctx.table, nla[NFTA_SET_NAME]);
	if (IS_ERR(set))
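
Review bot: the new `if (!nla[NFTA_SET_TABLE])` guard covers only the table attribute, while the very next call passes `nla[NFTA_SET_NAME]` to nf_tables_set_lookup with no presence check visible in this hunk. Please confirm the lookup rejects a NULL name attribute, or add the same -EINVAL guard for it here. A short comment above the new check saying that ctx.table stays NULL when the attribute is absent on a non-dump request would also help, since the existing comment "Only accept unspec with dump" belongs to the family check and does not explain this one.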