Commit 4d871c60 authored by Dan Carpenter's avatar Dan Carpenter Committed by Jiri Slaby

netfilter: ipset: small potential read beyond the end of buffer

commit 2196937e upstream.

We could be reading 8 bytes into a 4 byte buffer here.  It seems
harmless but adding a check is the right thing to do and it silences a
static checker warning.
Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Acked-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
parent e5924c95
...@@ -1753,6 +1753,12 @@ ip_set_sockfn_get(struct sock *sk, int optval, void __user *user, int *len) ...@@ -1753,6 +1753,12 @@ ip_set_sockfn_get(struct sock *sk, int optval, void __user *user, int *len)
if (*op < IP_SET_OP_VERSION) { if (*op < IP_SET_OP_VERSION) {
/* Check the version at the beginning of operations */ /* Check the version at the beginning of operations */
struct ip_set_req_version *req_version = data; struct ip_set_req_version *req_version = data;
if (*len < sizeof(struct ip_set_req_version)) {
ret = -EINVAL;
goto done;
}
if (req_version->version != IPSET_PROTOCOL) { if (req_version->version != IPSET_PROTOCOL) {
ret = -EPROTO; ret = -EPROTO;
goto done; goto done;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment