Commit 064d7052 authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

1) nft_parse_register_load() gets an incorrect datatype size
   as input, from Jeremy Sowden.

2) incorrect maximum netlink attribute in nft_redir, also
   from Jeremy.

* git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nft_redir: correct value of inet type `.maxattrs`
  netfilter: nft_redir: correct length for loading protocol registers
  netfilter: nft_masq: correct length for loading protocol registers
  netfilter: nft_nat: correct length for loading protocol registers
====================

Link: https://lore.kernel.org/r/20230309174655.69816-1-pablo@netfilter.org


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents dee85ac0 49392451

net/netfilter/nft_masq.c

+1 −1
Original line number Diff line number Diff line
@@ -43,7 +43,7 @@ static int nft_masq_init(const struct nft_ctx *ctx, 
			 const struct nft_expr *expr,

			 const struct nlattr * const tb[])

{

	u32 plen = sizeof_field(struct nf_nat_range, min_addr.all);

	u32 plen = sizeof_field(struct nf_nat_range, min_proto.all);

	struct nft_masq *priv = nft_expr_priv(expr);

	int err;

net/netfilter/nft_nat.c

+1 −1
Original line number Diff line number Diff line
@@ -226,7 +226,7 @@ static int nft_nat_init(const struct nft_ctx *ctx, const struct nft_expr *expr, 
		priv->flags |= NF_NAT_RANGE_MAP_IPS;

	}



	plen = sizeof_field(struct nf_nat_range, min_addr.all);

	plen = sizeof_field(struct nf_nat_range, min_proto.all);

	if (tb[NFTA_NAT_REG_PROTO_MIN]) {

		err = nft_parse_register_load(tb[NFTA_NAT_REG_PROTO_MIN],

					      &priv->sreg_proto_min, plen);

net/netfilter/nft_redir.c

+2 −2
Original line number Diff line number Diff line
@@ -48,7 +48,7 @@ static int nft_redir_init(const struct nft_ctx *ctx, 
	unsigned int plen;

	int err;



	plen = sizeof_field(struct nf_nat_range, min_addr.all);

	plen = sizeof_field(struct nf_nat_range, min_proto.all);

	if (tb[NFTA_REDIR_REG_PROTO_MIN]) {

		err = nft_parse_register_load(tb[NFTA_REDIR_REG_PROTO_MIN],

					      &priv->sreg_proto_min, plen);
@@ -236,7 +236,7 @@ static struct nft_expr_type nft_redir_inet_type __read_mostly = { 
	.name		= "redir",

	.ops		= &nft_redir_inet_ops,

	.policy		= nft_redir_policy,

	.maxattr	= NFTA_MASQ_MAX,

	.maxattr	= NFTA_REDIR_MAX,

	.owner		= THIS_MODULE,

};