Unverified Commit 84335135 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!2411 netfilter: xt_sctp: validate the flag_info count 

Merge Pull Request from: @ci-robot 
 
PR sync from: Zhengchao Shao <shaozhengchao@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/VOWKFRLIAOTEK7CXGBGBMUBBFHLOYYFX/ 
 
https://gitee.com/src-openeuler/kernel/issues/I85CAQ 
 
Link:https://gitee.com/openeuler/kernel/pulls/2411

 

Reviewed-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
parents c535f644 8199e4e9

net/netfilter/xt_sctp.c

+2 −0
Original line number Diff line number Diff line
@@ -150,6 +150,8 @@ static int sctp_mt_check(const struct xt_mtchk_param *par) 
{

	const struct xt_sctp_info *info = par->matchinfo;



	if (info->flag_count > ARRAY_SIZE(info->flag_info))

		return -EINVAL;

	if (info->flags & ~XT_SCTP_VALID_FLAGS)

		return -EINVAL;

	if (info->invflags & ~XT_SCTP_VALID_FLAGS)