summaryrefslogtreecommitdiff
path: root/net/netfilter/nf_conntrack_proto_sctp.c
diff options
context:
space:
mode:
authorKadlecsik József <kadlec@blackhole.kfki.hu>2020-01-19 22:06:49 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2020-01-20 17:41:45 +0100
commit32c72165dbd0e246e69d16a3ad348a4851afd415 (patch)
treecf4eab20f76f39b8947f1d2599deb2cda9e15ed1 /net/netfilter/nf_conntrack_proto_sctp.c
parent7eaecf7963c1c8f62d62c6a8e7c439b0e7f2d365 (diff)
netfilter: ipset: use bitmap infrastructure completely
The bitmap allocation did not use full unsigned long sizes when calculating the required size and that was triggered by KASAN as slab-out-of-bounds read in several places. The patch fixes all of them. Reported-by: syzbot+fabca5cbf5e54f3fe2de@syzkaller.appspotmail.com Reported-by: syzbot+827ced406c9a1d9570ed@syzkaller.appspotmail.com Reported-by: syzbot+190d63957b22ef673ea5@syzkaller.appspotmail.com Reported-by: syzbot+dfccdb2bdb4a12ad425e@syzkaller.appspotmail.com Reported-by: syzbot+df0d0f5895ef1f41a65b@syzkaller.appspotmail.com Reported-by: syzbot+b08bd19bb37513357fd4@syzkaller.appspotmail.com Reported-by: syzbot+53cdd0ec0bbabd53370a@syzkaller.appspotmail.com Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_conntrack_proto_sctp.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2024-05-11 14:44:29 +0000