netfilter: xt_socket: fix a stack corruption bug (78296c97) · Commits · Mirrors / git.yoctoproject.org / linux-yocto · GitLab

Commit 78296c97 authored Feb 15, 2015 by

Eric Dumazet Committed by Pablo Neira Ayuso Feb 16, 2015

netfilter: xt_socket: fix a stack corruption bug



As soon as extract_icmp6_fields() returns, its local storage (automatic
variables) is deallocated and can be overwritten.

Lets add an additional parameter to make sure storage is valid long
enough.

While we are at it, adds some const qualifiers.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Fixes: b64c9256 ("tproxy: added IPv6 support to the socket match")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

parent cef9ed86

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 6e2d36f2
· Sep 29, 2021

mentioned in commit 6e2d36f2

mentioned in commit 6e2d36f2b1d19bee1096a53e6cbc9e0c0f0b05b4

Toggle commit list
mirror @mirror
mentioned in commit d448b240
· Sep 29, 2021

mentioned in commit d448b240

mentioned in commit d448b240b17501b2f9a168e9d3689446413ca29a

Toggle commit list

Please register or to comment