linux/net/ipv4/netfilter at ea6eb20cfeb4d94dea14c740812cca64bc0b89d4 - linux - sys114

shinys000114/linux

mirror of https://github.com/hardkernel/linux.git synced 2026-03-26 04:20:23 +09:00

Files

History

Pablo Neira Ayuso 8ef576491c netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code

commit 4c559f15ef upstream.

Dan Carpenter says: "Smatch complains that the value for "cmd" comes
from the network and can't be trusted."

Add pptp_msg_name() helper function that checks for the array boundary.

Fixes: f09943fefe ("[NETFILTER]: nf_conntrack/nf_nat: add PPTP helper port")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2020-06-03 08:16:46 +02:00

..

arp_tables.c

netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct

2020-01-23 08:19:41 +01:00

arpt_mangle.c

netfilter: arpt_mangle: fix return values of checkentry

2011-02-01 16:03:46 +01:00

arptable_filter.c

netfilter: arp_tables: register table in initns

2016-04-07 11:58:49 +02:00

ip_tables.c

netfilter: x_tables: set module owner for icmp(6) matches

2018-08-24 13:12:36 +02:00

ipt_ah.c

netfilter: ipv4: whitespace around operators

2015-10-16 19:19:23 +02:00

ipt_CLUSTERIP.c

netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()

2018-02-25 11:05:43 +01:00

ipt_ECN.c

net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool

2015-08-17 21:33:06 -07:00

ipt_MASQUERADE.c

netfilter: nf_nat: generalize IPv4 masquerading support for nf_tables

2014-09-09 16:31:29 +02:00

ipt_REJECT.c

ipv4: Push struct net down into nf_send_reset

2015-09-29 20:21:31 +02:00

ipt_rpfilter.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2015-10-24 06:54:12 -07:00

ipt_SYNPROXY.c

netfilter: ipv4: fix NULL dereference

2016-03-28 17:59:29 +02:00

iptable_filter.c

netfilter: xtables: don't hook tables by default

2016-03-02 20:05:24 +01:00

iptable_mangle.c

netfilter: x_tables: simplify ip{6}table_mangle_hook()

2016-07-01 16:37:02 +02:00

iptable_nat.c

netfilter: xtables: don't hook tables by default

2016-03-02 20:05:24 +01:00

iptable_raw.c

netfilter: xtables: don't hook tables by default

2016-03-02 20:05:24 +01:00

iptable_security.c

netfilter: xtables: don't hook tables by default

2016-03-02 20:05:24 +01:00

Kconfig

netfilter: remove ip_conntrack* sysctl compat code

2016-08-13 13:27:13 +02:00

Makefile

netfilter: remove ip_conntrack* sysctl compat code

2016-08-13 13:27:13 +02:00

nf_conntrack_l3proto_ipv4.c

netfilter: on sockopt() acquire sock lock only in the required scope

2018-02-25 11:05:43 +01:00

nf_conntrack_proto_icmp.c

netfilter: Remove explicit rcu_read_lock in nf_hook_slow

2016-09-24 21:29:53 +02:00

nf_defrag_ipv4.c

netfilter: nf_defrag_ipv4: Drop redundant ip_send_check()

2016-03-02 20:05:22 +01:00

nf_dup_ipv4.c

netfilter: nf_dup4: remove redundant checksum recalculation

2016-08-12 00:42:47 +02:00

nf_log_arp.c

netfilter: nft_log: complete NFTA_LOG_FLAGS attr support

2016-09-25 23:16:43 +02:00

nf_log_ipv4.c

netfilter: nf_log: get rid of XT_LOG_* macros

2016-09-25 23:16:45 +02:00

nf_nat_h323.c

netfilter: nf_nat_h323: fix logical-not-parentheses warning

2018-04-08 12:12:44 +02:00

nf_nat_l3proto_ipv4.c

netfilter: don't track fragmented packets

2017-12-14 09:28:21 +01:00

nf_nat_masquerade_ipv4.c

ipv4: Don't do expensive useless work during inetdev destroy.

2016-03-13 23:28:35 -04:00

nf_nat_pptp.c

netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code

2020-06-03 08:16:46 +02:00

nf_nat_proto_gre.c

netfilter: gre: Use consistent GRE and PTTP header structure instead of the ones defined by netfilter

2016-09-07 10:36:52 +02:00

nf_nat_proto_icmp.c

net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool

2015-08-17 21:33:06 -07:00

nf_nat_snmp_basic.c

netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register

2017-12-25 14:23:42 +01:00

nf_reject_ipv4.c

netfilter: use fwmark_reflect in nf_send_reset

2017-08-11 08:49:35 -07:00

nf_tables_arp.c

netfilter: Add the missed return value check of nft_register_chain_type

2016-09-12 19:54:45 +02:00

nf_tables_ipv4.c

netfilter: Add the missed return value check of nft_register_chain_type

2016-09-12 19:54:45 +02:00

nft_chain_nat_ipv4.c

netfilter: Pass priv instead of nf_hook_ops to netfilter hooks

2015-09-18 22:00:16 +02:00

nft_chain_route_ipv4.c

netfilter: nft_chain_route: re-route before skb is queued to userspace

2016-09-06 18:02:37 +02:00

nft_dup_ipv4.c

netfilter: nft_dup: do not use sreg_dev if the user doesn't specify it

2016-10-31 13:17:38 +01:00

nft_masq_ipv4.c

netfilter: nf_tables: fix mismatch in big-endian system

2019-02-20 10:18:34 +01:00

nft_redir_ipv4.c

netfilter: nf_tables: fix mismatch in big-endian system

2019-02-20 10:18:34 +01:00

nft_reject_ipv4.c

netfilter: nft_reject: restrict to INPUT/FORWARD/OUTPUT

2016-08-25 12:55:34 +02:00