Commit 2c251fb4 authored by Antoine Tenart's avatar Antoine Tenart Committed by Jialin Zhang
Browse files

netfilter: nf_tables: nft_parse_register can return a negative value 

mainline inclusion
from mainline-v5.18-rc3
commit 6c6f9f31
category: bugfix
bugzilla: 186582, https://gitee.com/src-openeuler/kernel/issues/I50WB5
CVE: CVE-2022-1015

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6c6f9f31ecd47dce1d0dafca4bec8805f9bc97cd



--------------------------------

Since commit 6e1acfa3 ("netfilter: nf_tables: validate registers
coming from userspace.") nft_parse_register can return a negative value,
but the function prototype is still returning an unsigned int.

Fixes: 6e1acfa3 ("netfilter: nf_tables: validate registers coming from userspace.")
Signed-off-by: default avatarAntoine Tenart <atenart@kernel.org>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>

conflict:
	net/netfilter/nf_tables_api.c

Signed-off-by: default avatarLu Wei <luwei32@huawei.com>
Reviewed-by: default avatarLiu Jian <liujian56@huawei.com>
Reviewed-by: default avatarWang Weiyang <wangweiyang2@huawei.com>
Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
parent 3d77554d
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment