Re: [PATCH nf] netfilter: add back stackpointer size checks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Feb 07, 2018 at 01:46:25PM +0100, Florian Westphal wrote:
> The rationale for removing the check is only correct for rulesets
> generated by ip(6)tables.
> 
> In iptables, a jump can only occur to a user-defined chain, i.e.
> because we size the stack based on number of user-defined chains we
> cannot exceed stack size.
> 
> However, the underlying binary format has no such restriction,
> and the validation step only ensures that the jump target is a
> valid rule start point.
> 
> IOW, its possible to build a rule blob that has no user-defined
> chains but does contain a jump.
> 
> If this happens, no jump stack gets allocated and crash occurs
> because no jumpstack was allocated.

Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux