Google Git
Sign in
android-kvm / linux / 2638fd0f92d4397884fd991d8f4925cb3f081901
commit2638fd0f92d4397884fd991d8f4925cb3f081901[log] [tgz]
authorEric Dumazet <edumazet@google.com>Mon Apr 03 10:55:11 2017 -0700
committerPablo Neira Ayuso <pablo@netfilter.org>Sat Apr 08 22:24:19 2017 +0200
treef7c6cce4be9a84861a75ee58a2106a23cd79b91a
parent0b9aefea860063bb39e36bd7fe6c7087fed0ba87 [diff]
netfilter: xt_TCPMSS: add more sanity tests on tcph->doff

Denys provided an awesome KASAN report pointing to an use
after free in xt_TCPMSS

I have provided three patches to fix this issue, either in xt_TCPMSS or
in xt_tcpudp.c. It seems xt_TCPMSS patch has the smallest possible
impact.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Denys Fedoryshchenko <nuclearcat@nuclearcat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 file changed
tree: f7c6cce4be9a84861a75ee58a2106a23cd79b91a
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README