| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 2 Feb 2020 23:37:28 +0100
From: Florian Westphal <fw@...len.de>
To: Cong Wang <xiyou.wangcong@...il.com>
Cc: Florian Westphal <fw@...len.de>,
Linux Kernel Network Developers <netdev@...r.kernel.org>,
NetFilter <netfilter-devel@...r.kernel.org>,
syzbot <syzbot+adf6c6c2be1c3a718121@...kaller.appspotmail.com>,
Pablo Neira Ayuso <pablo@...filter.org>,
Jozsef Kadlecsik <kadlec@...filter.org>
Subject: Re: [Patch nf 3/3] xt_hashlimit: limit the max size of hashtable
Cong Wang <xiyou.wangcong@...il.com> wrote:
> Ok, so here is what I have now:
>
>
> +#define HASHLIMIT_MAX_SIZE 1048576
> +
> static int hashlimit_mt_check_common(const struct xt_mtchk_param *par,
> struct xt_hashlimit_htable **hinfo,
> struct hashlimit_cfg3 *cfg,
> @@ -847,6 +849,14 @@ static int hashlimit_mt_check_common(const struct
> xt_mtchk_param *par,
>
> if (cfg->gc_interval == 0 || cfg->expire == 0)
> return -EINVAL;
> + if (cfg->size > HASHLIMIT_MAX_SIZE) {
> + cfg->size = HASHLIMIT_MAX_SIZE;
> + pr_info_ratelimited("size too large, truncated to
> %u\n", cfg->size);
> + }
> + if (cfg->max > HASHLIMIT_MAX_SIZE) {
> + cfg->max = HASHLIMIT_MAX_SIZE;
> + pr_info_ratelimited("max too large, truncated to
> %u\n", cfg->max);
> + }
>
> Please let me know if it is still different with your suggestion.
I am fine with this.
Powered by blists - more mailing lists