lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20231105195600.522779-1-maze@google.com> Date: Sun, 5 Nov 2023 11:56:00 -0800 From: "Maciej Żenczykowski" <maze@...gle.com> To: "Maciej Żenczykowski" <zenczykowski@...il.com>, "David S . Miller" <davem@...emloft.net>, Pablo Neira Ayuso <pablo@...filter.org>, Florian Westphal <fw@...len.de> Cc: Linux Network Development Mailing List <netdev@...r.kernel.org>, Netfilter Development Mailing List <netfilter-devel@...r.kernel.org>, Jan Engelhardt <jengelh@...i.de>, Patrick McHardy <kaber@...sh.net> Subject: [PATCH net v2] netfilter: xt_recent: fix (increase) ipv6 literal buffer length From: Maciej Żenczykowski <zenczykowski@...il.com> in6_pton() supports 'low-32-bit dot-decimal representation' (this is useful with DNS64/NAT64 networks for example): # echo +aaaa:bbbb:cccc:dddd:eeee:ffff:1.2.3.4 > /proc/self/net/xt_recent/DEFAULT # cat /proc/self/net/xt_recent/DEFAULT src=aaaa:bbbb:cccc:dddd:eeee:ffff:0102:0304 ttl: 0 last_seen: 9733848829 oldest_pkt: 1 9733848829 but the provided buffer is too short: # echo +aaaa:bbbb:cccc:dddd:eeee:ffff:255.255.255.255 > /proc/self/net/xt_recent/DEFAULT -bash: echo: write error: Invalid argument Cc: Jan Engelhardt <jengelh@...i.de> Cc: Patrick McHardy <kaber@...sh.net> Fixes: 079aa88fe717 ("netfilter: xt_recent: IPv6 support") Signed-off-by: Maciej Żenczykowski <zenczykowski@...il.com> --- net/netfilter/xt_recent.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c index 7ddb9a78e3fc..ef93e0d3bee0 100644 --- a/net/netfilter/xt_recent.c +++ b/net/netfilter/xt_recent.c @@ -561,7 +561,7 @@ recent_mt_proc_write(struct file *file, const char __user *input, { struct recent_table *t = pde_data(file_inode(file)); struct recent_entry *e; - char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:5afe:c0de")]; + char buf[sizeof("+b335:1d35:1e55:dead:c0de:1715:255.255.255.255")]; const char *c = buf; union nf_inet_addr addr = {}; u_int16_t family; -- 2.42.0.869.gea05f2083d-goog
Powered by blists - more mailing lists