projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: da17c73) | patch
netfilter: ipset: Fix wraparound in hash:*net* types
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Fri, 12 Jan 2018 10:16:50 +0000 (11:16 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 31 Jan 2018 13:52:09 +0000 (14:52 +0100)
commit0b8d9073539e217f79ec1bff65eb205ac796723d
treef0d0dbebbde42e1f3403099948a6efc1d19d6e39tree | snapshot
parentda17c73b6eb74aad3c3c0654394635675b623b3ecommit | diff
netfilter: ipset: Fix wraparound in hash:*net* types

Fix wraparound bug which could lead to memory exhaustion when adding an
x.x.x.x-255.255.255.255 range to any hash:*net* types.

Fixes Netfilter's bugzilla id #1212, reported by Thomas Schwark.

Fixes: 48596a8ddc46 ("netfilter: ipset: Fix adding an IPv4 range containing more than 2^31 addresses")
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/ipset/ip_set_hash_ipportnet.c diff | blob | history
net/netfilter/ipset/ip_set_hash_net.c diff | blob | history
net/netfilter/ipset/ip_set_hash_netiface.c diff | blob | history
net/netfilter/ipset/ip_set_hash_netnet.c diff | blob | history
net/netfilter/ipset/ip_set_hash_netport.c diff | blob | history
net/netfilter/ipset/ip_set_hash_netportnet.c diff | blob | history
MicroBlaze GIT Repository