redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net/ipv4/netfilter
History
Florian Westphal 212e7f5660 netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct 
An earlier commit (1b789577f6,
"netfilter: arp_tables: init netns pointer in xt_tgchk_param struct")
fixed missing net initialization for arptables, but turns out it was
incomplete.  We can get a very similar struct net NULL deref during
error unwinding:

general protection fault: 0000 [#1] PREEMPT SMP KASAN
RIP: 0010:xt_rateest_put+0xa1/0x440 net/netfilter/xt_RATEEST.c:77
 xt_rateest_tg_destroy+0x72/0xa0 net/netfilter/xt_RATEEST.c:175
 cleanup_entry net/ipv4/netfilter/arp_tables.c:509 [inline]
 translate_table+0x11f4/0x1d80 net/ipv4/netfilter/arp_tables.c:587
 do_replace net/ipv4/netfilter/arp_tables.c:981 [inline]
 do_arpt_set_ctl+0x317/0x650 net/ipv4/netfilter/arp_tables.c:1461

Also init the netns pointer in xt_tgdtor_param struct.

Fixes: add6746124 ("netfilter: add struct net * to target parameters")
Reported-by: syzbot+91bdd8eece0f6629ec8b@syzkaller.appspotmail.com
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2020-01-13 19:22:10 +01:00
..
Kconfig netfilter: fix coding-style errors. 2019-09-13 11:39:38 +02:00
Makefile netfilter: fix coding-style errors. 2019-09-13 11:39:38 +02:00
arp_tables.c netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct 2020-01-13 19:22:10 +01:00
arpt_mangle.c netfilter: ipv4: prefer skb_ensure_writable 2019-05-31 18:02:46 +02:00
arptable_filter.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
ip_tables.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
ipt_CLUSTERIP.c netfilter: Update obsolete comments referring to ip_conntrack 2019-07-16 13:17:00 +02:00
ipt_ECN.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
ipt_REJECT.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
ipt_SYNPROXY.c netfilter: synproxy: rename mss synproxy_options field 2019-08-03 18:39:08 +02:00
ipt_ah.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
ipt_rpfilter.c netfilter: Fix rpfilter dropping vrf packets by mistake 2019-07-16 13:16:47 +02:00
iptable_filter.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
iptable_mangle.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
iptable_nat.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
iptable_raw.c Update my email address 2019-06-10 13:00:24 +02:00
iptable_security.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_defrag_ipv4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_dup_ipv4.c netfilter: drop bridge nf reset from nf_reset 2019-10-01 18:42:15 +02:00
nf_flow_table_ipv4.c netfilter: nf_flow_table_offload: add IPv6 support 2019-11-15 23:44:47 +01:00
nf_log_arp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_log_ipv4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_nat_h323.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_pptp.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nf_nat_snmp_basic.asn1 netfilter: nf_nat_snmp_basic: use asn1 decoder library 2018-01-19 13:59:07 +01:00
nf_nat_snmp_basic_main.c netfilter: ipv4: prefer skb_ensure_writable 2019-05-31 18:02:46 +02:00
nf_reject_ipv4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_socket_ipv4.c icmp: remove duplicate code 2019-11-05 14:03:11 -08:00
nf_tproxy_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
nft_dup_ipv4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nft_fib_ipv4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nft_reject_ipv4.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00