From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932651AbeCIXTK (ORCPT ); Fri, 9 Mar 2018 18:19:10 -0500 Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:56648 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932276AbeCIXTJ (ORCPT ); Fri, 9 Mar 2018 18:19:09 -0500 Date: Sat, 10 Mar 2018 00:18:59 +0100 From: Florian Westphal To: Cong Wang Cc: Eric Dumazet , syzbot , coreteam@netfilter.org, David Miller , Florian Westphal , Jozsef Kadlecsik , LKML , Linux Kernel Network Developers , netfilter-devel@vger.kernel.org, Pablo Neira Ayuso , syzkaller-bugs@googlegroups.com Subject: Re: WARNING in __proc_create Message-ID: <20180309231859.GA11882@breakpoint.cc> References: <001a113f2be668a1e9056701e617@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Cong Wang wrote: > On Fri, Mar 9, 2018 at 2:58 PM, Eric Dumazet wrote: > > > > > > On 03/09/2018 02:56 PM, Eric Dumazet wrote: > > > >> > >> I sent a patch a while back, but Pablo/Florian wanted more than that > >> simple fix. > >> > >> We also need to filter special characters like '/' > > proc_create_data() itself accepts '/', so it must be xt_hashlimit doesn't > want it. --hashimit-name / also triggers WARN for me. . or .. "work", (no crash), but cause appearance of 2nd ./.. in /proc/net/ipt_hashlimit , so I think its better to disallow that too.