From: Patrick McHardy <kaber@xxxxxxxxx> Date: Tue, 11 Dec 2007 18:42:11 +0100 (MET) > [NETFILTER]: ip_tables: fix compat copy race > > When copying entries to user, the kernel makes two passes through the > data, first copying all the entries, then fixing up names and counters. > On the second pass it copies the kernel and match data from userspace > to the kernel again to find the corresponding structures, expecting > that kernel pointers contained in the data are still valid. > > This is obviously broken, fix by avoiding the second pass completely > and fixing names and counters while dumping the ruleset, using the > kernel-internal data structures. > > Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> Also applied to net-2.6, thanks Patrick! - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
