Commit eda68561 authored by Florian Westphal's avatar Florian Westphal Committed by Yang Yingliang
Browse files

netfilter: xt_RATEEST: reject non-null terminated string from userspace 



stable inclusion
from linux-4.19.167
commit e810ec8e6216297c47765b0d031f13a3250a2bad

--------------------------------

commit 6cb56218 upstream.

syzbot reports:
detected buffer overflow in strlen
[..]
Call Trace:
 strlen include/linux/string.h:325 [inline]
 strlcpy include/linux/string.h:348 [inline]
 xt_rateest_tg_checkentry+0x2a5/0x6b0 net/netfilter/xt_RATEEST.c:143

strlcpy assumes src is a c-string. Check info->name before its used.

Reported-by: default avatar <syzbot+e86f7c428c8c50db65b4@syzkaller.appspotmail.com>
Fixes: 5859034d ("[NETFILTER]: x_tables: add RATEEST target")
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>

Signed-off-by: default avatarAichun Li <liaichun@huawei.com>
reviewed-by: default avatarwangxiaopeng <wangxiaopeng7@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
Signed-off-by: default avatarCheng Jian <cj.chengjian@huawei.com>
parent 0859e183
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment