| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Jul 2013 11:19:09 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: YOSHIFUJI Hideaki <yoshfuji@...ux-ipv6.org>,
Patrick McHardy <kaber@...sh.net>
Cc: David Miller <davem@...emloft.net>,
Network Development <netdev@...r.kernel.org>
Subject: Fwd: [patch] netfilter: ebt_ip6: regression bug fix
People send fixes to random places, and I forward them.. I'm feeling
very managerial today.
Linus
---------- Forwarded message ----------
From: Luis Fernando Cornachioni Estrozi <lestrozi@...inc.com>
Date: Wed, Jul 3, 2013 at 11:11 AM
Subject: [patch] netfilter: ebt_ip6: regression bug fix
To: Bart De Schuymer <bdschuym@...dora.be>
Cc: "torvalds@...ux-foundation.org" <torvalds@...ux-foundation.org>
From: Luís Fernando Estrozi <lestrozi@...inc.com>
fix regression bug in ebt_ip6 which resulted in ebtables IPv6 src/dst
fields not being zeroed
Signed-off-by: Luís Fernando Estrozi <lestrozi@...inc.com>
---
this bug was introduced on commit
0898f99a267f89a7dc72cc687955f17613a711b8 on Mar 08, 2010; I'm just
returning 2 checks that existed before as suggested by Bart De Schuymer
--- linux-3.8.13/net/bridge/netfilter/ebt_ip6.c.orig 2013-07-03
12:07:25.892466692 -0300
+++ linux-3.8.13/net/bridge/netfilter/ebt_ip6.c 2013-07-03
12:29:47.272496246 -0300
@@ -48,10 +48,12 @@ ebt_ip6_mt(const struct sk_buff *skb, st
if (info->bitmask & EBT_IP6_TCLASS &&
FWINV(info->tclass != ipv6_get_dsfield(ih6), EBT_IP6_TCLASS))
return false;
- if (FWINV(ipv6_masked_addr_cmp(&ih6->saddr, &info->smsk,
- &info->saddr), EBT_IP6_SOURCE) ||
- FWINV(ipv6_masked_addr_cmp(&ih6->daddr, &info->dmsk,
- &info->daddr), EBT_IP6_DEST))
+ if ((info->bitmask & EBT_IP6_SOURCE &&
+ FWINV(ipv6_masked_addr_cmp(&ih6->saddr, &info->smsk,
+ &info->saddr), EBT_IP6_SOURCE)) ||
+ (info->bitmask & EBT_IP6_DEST &&
+ FWINV(ipv6_masked_addr_cmp(&ih6->daddr, &info->dmsk,
+ &info->daddr), EBT_IP6_DEST)))
return false;
if (info->bitmask & EBT_IP6_PROTO) {
uint8_t nexthdr = ih6->nexthdr;
________________________________
AVISO: A informação contida neste e-mail, bem como em qualquer de seus
anexos, é CONFIDENCIAL e destinada ao uso exclusivo do(s)
destinatário(s) acima referido(s), podendo conter informações
sigilosas e/ou legalmente protegidas. Caso você não seja o
destinatário desta mensagem, informamos que qualquer divulgação,
distribuição ou cópia deste e-mail e/ou de qualquer de seus anexos é
absolutamente proibida. Solicitamos que o remetente seja comunicado
imediatamente, respondendo esta mensagem, e que o original desta
mensagem e de seus anexos, bem como toda e qualquer cópia e/ou
impressão realizada a partir destes, sejam permanentemente apagados
e/ou destruídos. Informações adicionais sobre nossa empresa podem ser
obtidas no site http://sobre.uol.com.br/.
NOTICE: The information contained in this e-mail and any attachments
thereto is CONFIDENTIAL and is intended only for use by the recipient
named herein and may contain legally privileged and/or secret
information.
If you are not the e-mail´s intended recipient, you are hereby
notified that any dissemination, distribution or copy of this e-mail,
and/or any attachments thereto, is strictly prohibited. Please
immediately notify the sender replying to the above mentioned e-mail
address, and permanently delete and/or destroy the original and any
copy of this e-mail and/or its attachments, as well as any printout
thereof. Additional information about our company may be obtained
through the site http://www.uol.com.br/ir/.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists