| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20171107005213.22618-14-pablo@netfilter.org> Date: Tue, 7 Nov 2017 01:52:03 +0100 From: Pablo Neira Ayuso <pablo@...filter.org> To: netfilter-devel@...r.kernel.org Cc: davem@...emloft.net, netdev@...r.kernel.org Subject: [PATCH 13/23] netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack From: Eric Sesterhenn <eric.sesterhenn@...-dsec.de> Add missing counter decrement to prevent out of bounds memory read. Signed-off-by: Eric Sesterhenn <eric.sesterhenn@...-dsec.de> Acked-by: Florian Westphal <fw@...len.de> Signed-off-by: Pablo Neira Ayuso <pablo@...filter.org> --- net/netfilter/nf_conntrack_h323_asn1.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/netfilter/nf_conntrack_h323_asn1.c b/net/netfilter/nf_conntrack_h323_asn1.c index 7831aa1effc9..cf1bf2605c10 100644 --- a/net/netfilter/nf_conntrack_h323_asn1.c +++ b/net/netfilter/nf_conntrack_h323_asn1.c @@ -877,6 +877,7 @@ int DecodeQ931(unsigned char *buf, size_t sz, Q931 *q931) if (sz < 1) break; len = *p++; + sz--; if (sz < len) break; p += len; -- 2.11.0
Powered by blists - more mailing lists