netfilter: xt_hashlimit: limit the max size of hashtable - kernel/linux.git

diff options

author	Cong Wang <xiyou.wangcong@gmail.com>	2020-02-03 07:30:53 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-02-28 19:22:27 +0300
commit	829e0a0ae2dc7aaeb46f716be3f52f498de2bdd8 (patch)
tree	857bba71a68de36c8254add6f2da5386a4c5a4c9 /fs
parent	86502c68b81eb98fc0f0c6bd87cda01cb7a4cd9d (diff)
download	linux-829e0a0ae2dc7aaeb46f716be3f52f498de2bdd8.tar.xz

netfilter: xt_hashlimit: limit the max size of hashtable

commit 8d0015a7ab76b8b1e89a3e5f5710a6e5103f2dd5 upstream. The user-specified hashtable size is unbound, this could easily lead to an OOM or a hung task as we hold the global mutex while allocating and initializing the new hashtable. Add a max value to cap both cfg->size and cfg->max, as suggested by Florian. Reported-and-tested-by: syzbot+adf6c6c2be1c3a718121@syzkaller.appspotmail.com Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Reviewed-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'fs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: