diff options
author | Eric Dumazet <edumazet@google.com> | 2017-10-05 12:50:07 +0300 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-09-26 09:33:55 +0300 |
commit | a4508e0383daf5a97aa8c0bbcbfc3914d6948010 (patch) | |
tree | 77b435f59af96dfa32a5159127f1e4ce524ea294 /mm | |
parent | 449fab4df70f6d43f64f8bd2afafdf9c62c4bbc2 (diff) | |
download | linux-a4508e0383daf5a97aa8c0bbcbfc3914d6948010.tar.xz |
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
commit e466af75c074e76107ae1cd5a2823e9c61894ffb upstream.
syzkaller reports an out of bound read in strlcpy(), triggered
by xt_copy_counters_from_user()
Fix this by using memcpy(), then forcing a zero byte at the last position
of the destination, as Florian did for the non COMPAT code.
Fixes: d7591f0c41ce ("netfilter: x_tables: introduce and use xt_copy_counters_from_user")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Greg Hackmann <ghackmann@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'mm')
0 files changed, 0 insertions, 0 deletions