| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Jun 2023 23:29:53 -0400
From: Sohom <sohomdatta1@...il.com>
To: Pablo Neira Ayuso <pablo@...filter.org>,
Jozsef Kadlecsik <kadlec@...filter.org>,
Florian Westphal <fw@...len.de>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>
Cc: Sohom <sohomdatta1+git@...il.com>,
netfilter-devel@...r.kernel.org,
coreteam@...filter.org,
netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] netfilter: Don't parse CTCP message if shorter than minimum length
If the CTCP message is shorter than 10 + 21 + MINMATCHLEN
then exit early and don't parse the rest of the message.
Signed-off-by: Sohom <sohomdatta1+git@...il.com>
---
net/netfilter/nf_conntrack_irc.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_irc.c b/net/netfilter/nf_conntrack_irc.c
index 5703846bea3b..703b5a123cb5 100644
--- a/net/netfilter/nf_conntrack_irc.c
+++ b/net/netfilter/nf_conntrack_irc.c
@@ -157,8 +157,12 @@ static int help(struct sk_buff *skb, unsigned int protoff,
data = ib_ptr;
data_limit = ib_ptr + datalen;
+ if (data >= data_limit - (10 + 21 + MINMATCHLEN)) {
+ goto out;
+ }
+
/* Skip any whitespace */
- while (data < data_limit - 10) {
+ while (data < data_limit) {
if (*data == ' ' || *data == '\r' || *data == '\n')
data++;
else
--
2.41.0
Powered by blists - more mailing lists