Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cef0e9eb authored by Florian Westphal's avatar Florian Westphal Committed by Greg Kroah-Hartman
Browse files

netfilter: ebtables: also count base chain policies 



commit 3b48300d5cc7c7bed63fddb006c4046549ed4aec upstream.

ebtables doesn't include the base chain policies in the rule count,
so we need to add them manually when we call into the x_tables core
to allocate space for the comapt offset table.

This lead syzbot to trigger:
WARNING: CPU: 1 PID: 9012 at net/netfilter/x_tables.c:649
xt_compat_add_offset.cold+0x11/0x36 net/netfilter/x_tables.c:649

Reported-by: default avatar <syzbot+276ddebab3382bbf72db@syzkaller.appspotmail.com>
Fixes: 2035f3ff8eaa ("netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present")
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent 07d92cae
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment