Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> writes: > From: Florian Westphal <fw@xxxxxxxxx> > > We have targets and standard targets -- the latter carries a verdict. > > The ip/ip6tables validation functions will access t->verdict for the > standard targets to fetch the jump offset or verdict for chainloop > detection, but this happens before the targets get checked/validated. > > Thus we also need to check for verdict presence here, else t->verdict > can point right after a blob. > > Spotted with UBSAN while testing malformed blobs. This breaks iptables on PPC32. # iptables -nL iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. # modprobe iptable-filter FATAL: Error inserting iptable_filter (/lib/modules/4.7.0-rc1/kernel/net/ipv4/netfilter/iptable_filter.ko): Invalid argument Andreas. -- Andreas Schwab, schwab@xxxxxxxxxxxxxx GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
