From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Dmitry Vyukov <dvyukov@google.com>,
	Florian Westphal <fw@strlen.de>,
	Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH 4.16 02/72] netfilter: ebtables: dont attempt to allocate 0-sized compat array
Date: Mon, 14 May 2018 08:48:19 +0200
Message-ID: <20180514064823.134961370@linuxfoundation.org>
In-Reply-To: <20180514064823.033169170@linuxfoundation.org>

4.16-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Florian Westphal <fw@strlen.de>

commit 3f1e53abff84cf40b1adb3455d480dd295bf42e8 upstream.

Dmitry reports 32bit ebtables on 64bit kernel got broken by
a recent change that returns -EINVAL when ruleset has no entries.

ebtables however only counts user-defined chains, so for the
initial table nentries will be 0.

Don't try to allocate the compat array in this case, as no user
defined rules exist no rule will need 64bit translation.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Fixes: 7d7d7e02111e9 ("netfilter: compat: reject huge allocation requests")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 net/bridge/netfilter/ebtables.c |   11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -1821,13 +1821,14 @@ static int compat_table_info(const struc
 {
 	unsigned int size = info->entries_size;
 	const void *entries = info->entries;
-	int ret;
 
 	newinfo->entries_size = size;
-
-	ret = xt_compat_init_offsets(NFPROTO_BRIDGE, info->nentries);
-	if (ret)
-		return ret;
+	if (info->nentries) {
+		int ret = xt_compat_init_offsets(NFPROTO_BRIDGE,
+						 info->nentries);
+		if (ret)
+			return ret;
+	}
 
 	return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info,
 							entries, newinfo);
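
Review bot: The new `if (info->nentries)` guard skips xt_compat_init_offsets(), but the EBT_ENTRY_ITERATE() call after it still runs compat_calc_entry over all of info->entries_size, so the safety of the zero case rests on an invariant that is stated only in the commit message. Please add a short comment above the guard saying that nentries counts only user-defined rules and that a table with nentries == 0 therefore has nothing needing 64bit translation, and confirm that compat_calc_entry cannot reach code that depends on the offsets state when the init call was skipped. If entries_size can be non-zero while nentries is 0 (the initial table described in the changelog), that combination deserves an explicit test with a 32bit ebtables binary on a 64bit kernel, since it is the case the Fixes: commit broke.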
