| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZLASKOr2ZqZtkpCb@corigine.com> Date: Thu, 13 Jul 2023 16:03:04 +0100 From: Simon Horman <simon.horman@...igine.com> To: Lin Ma <linma@....edu.cn> Cc: pablo@...filter.org, kadlec@...filter.org, fw@...len.de, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, netfilter-devel@...r.kernel.org, coreteam@...filter.org, netdev@...r.kernel.org Subject: Re: [PATCH v2] netfilter: conntrack: validate cta_ip via parsing On Wed, Jul 12, 2023 at 09:32:36PM +0800, Lin Ma wrote: > In current ctnetlink_parse_tuple_ip() function, nested parsing and > validation is splitting as two parts, which could be cleanup to a > simplified form. As the nla_parse_nested_deprecated function > supports validation in the fly. These two finially reach same place > __nla_validate_parse with same validate flag. > > nla_parse_nested_deprecated > __nla_parse(.., NL_VALIDATE_LIBERAL, ..) > __nla_validate_parse > > nla_validate_nested_deprecated > __nla_validate_nested(.., NL_VALIDATE_LIBERAL, ..) > __nla_validate > __nla_validate_parse > > This commit removes the call to nla_validate_nested_deprecated and pass > cta_ip_nla_policy when do parsing. > > Signed-off-by: Lin Ma <linma@....edu.cn> Reviewed-by: Simon Horman <simon.horman@...igine.com>
Powered by blists - more mailing lists