Hi Pablo, On Tue, Nov 04, 2014 at 07:02:27PM +0100, Pablo Neira Ayuso wrote: > From: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > > [ upstream commit 6ecc71202d3a817d7eee44be9f98abc0dcface93 ] > > The ->ip_set_list[] array is initialized in ip_set_net_init() and it > has ->ip_set_max elements so this check should be >= instead of > > otherwise we are off by one. > > Cc: <stable@xxxxxxxxxxxxxxx> # 3.14.x > Cc: <stable@xxxxxxxxxxxxxxx> # 3.16.x > Cc: <stable@xxxxxxxxxxxxxxx> # 3.17.x > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> > Acked-by: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx> > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> > --- > net/netfilter/ipset/ip_set_core.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c > index 912e5a0..86f9d76 100644 > --- a/net/netfilter/ipset/ip_set_core.c > +++ b/net/netfilter/ipset/ip_set_core.c > @@ -659,7 +659,7 @@ ip_set_nfnl_get_byindex(struct net *net, ip_set_id_t index) > struct ip_set *set; > struct ip_set_net *inst = ip_set_pernet(net); > > - if (index > inst->ip_set_max) > + if (index >= inst->ip_set_max) > return IPSET_INVALID_ID; > > nfnl_lock(NFNL_SUBSYS_IPSET); > -- > 1.7.10.4 > > -- > To unsubscribe from this list: send the line "unsubscribe stable" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html I believe you have the SHA1s wrong, they should be: 0f9f5e1b83abd2b37c67658e02a6fc9001831fa5 netfilter: ipset: off by one in ip_set_nfnl_get_byindex() c123bb7163043bb8f33858cf8e45b01c17dbd171 netfilter: nf_tables: check for NULL in nf_tables_newchain pcpu stats allocation 9dfa1dfe4d5e5e66a991321ab08afe69759d797a netfilter: nf_log: account for size of NLMSG_DONE attribute c1e7dc91eed0ed1a51c9b814d648db18bf8fc6e9 netfilter: nfnetlink_log: fix maximum packet length logged to userspace b51d3fa364885a2c1e1668f88776c67c95291820 netfilter: nf_log: release skbuff on nlmsg put failure 7965ee93719921ea5978f331da653dfa2d7b99f5 netfilter: nft_compat: fix wrong target lookup in nft_target_select_ops() Assuming these are the correct ones, I'm queuing them for the 3.16 kernel. Thanks! Cheers, -- Luís -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html