| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 05 Jun 2016 23:11:36 +0200 From: Andreas Schwab <schwab@...ux-m68k.org> To: Pablo Neira Ayuso <pablo@...filter.org> Cc: netfilter-devel@...r.kernel.org, davem@...emloft.net, netdev@...r.kernel.org Subject: Re: [PATCH 07/23] netfilter: x_tables: check standard target size too Pablo Neira Ayuso <pablo@...filter.org> writes: > From: Florian Westphal <fw@...len.de> > > We have targets and standard targets -- the latter carries a verdict. > > The ip/ip6tables validation functions will access t->verdict for the > standard targets to fetch the jump offset or verdict for chainloop > detection, but this happens before the targets get checked/validated. > > Thus we also need to check for verdict presence here, else t->verdict > can point right after a blob. > > Spotted with UBSAN while testing malformed blobs. This breaks iptables on PPC32. # iptables -nL iptables v1.4.21: can't initialize iptables table `filter': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. # modprobe iptable-filter FATAL: Error inserting iptable_filter (/lib/modules/4.7.0-rc1/kernel/net/ipv4/netfilter/iptable_filter.ko): Invalid argument Andreas. -- Andreas Schwab, schwab@...ux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different."
Powered by blists - more mailing lists