On Mon, Feb 19, 2018 at 01:24:15AM +0100, Florian Westphal wrote: > We need to make sure the offsets are not out of range of the > total size. > Also check that they are in ascending order. > > The WARN_ON triggered by syzkaller (it sets panic_on_warn) is > changed to also bail out, no point in continuing parsing. > > Briefly tested with simple ruleset of > -A INPUT --limit 1/s' --log > plus jump to custom chains using 32bit ebtables binary. Also applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
