On Thu, Jun 28, 2018 at 01:30:31PM +0200, Máté Eckl wrote:
> On Wed, Jun 27, 2018 at 05:10:02PM +0200, Pablo Neira Ayuso wrote:
> > Hi,
> >
> > On Sun, Jun 24, 2018 at 03:03:07PM +0200, Máté Eckl wrote:
> > > This patch fixes a silent out-of-bound read possibility that was present
> > > because of the misuse of this function.
> >
> > This is a bit confusing. Subject says this is a refactoring, but this
> > seems not be a clean up, but actually fixing up something.
>
> Yes, it is a fix indeed, sorry.
No problem.
> > > Mostly it was called with a struct udphdr *hp which had only the udphdr
> > > part linearized by the skb_header_pointer, however
> > > nf_tproxy_get_sock_v{4,6} uses it as a tcphdr pointer, so some reads for
> > > tcp specific attributes may be invalid.
> >
> > I think we should rename title to something like:
> >
> > netfilter: nf_tproxy: possible non-linear access to transport header
> >
> > A "Fixes:" tag would be good? Is this a new bug or it has been
> > introduced by your recent changes?
>
> This code seems to date back to a583636a83ea in 2016. I'll add this to the
> commit message.
Thanks! Revamp and resubmit.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
