diff options
author | Sergey Popovich <popovich_sergei@mail.ua> | 2015-05-02 20:28:16 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-05-13 14:25:47 +0300 |
commit | 037261866c8dd164c426580160973eb2d68f688c (patch) | |
tree | f3a6c97734ebde8232d01ac6fde95fa5bb51f3a2 /net/netfilter/ipset/ip_set_bitmap_ip.c | |
parent | 728a7e6903af6f901eeff9a2d9ffb06d55e9b1e4 (diff) | |
download | linux-037261866c8dd164c426580160973eb2d68f688c.tar.xz |
netfilter: ipset: Check for comment netlink attribute length
Ensure userspace supplies string not longer than
IPSET_MAX_COMMENT_SIZE.
Signed-off-by: Sergey Popovich <popovich_sergei@mail.ua>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/ipset/ip_set_bitmap_ip.c')
-rw-r--r-- | net/netfilter/ipset/ip_set_bitmap_ip.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/ipset/ip_set_bitmap_ip.c b/net/netfilter/ipset/ip_set_bitmap_ip.c index 01b88ba7c430..2fe6de46f6d0 100644 --- a/net/netfilter/ipset/ip_set_bitmap_ip.c +++ b/net/netfilter/ipset/ip_set_bitmap_ip.c @@ -364,7 +364,8 @@ static struct ip_set_type bitmap_ip_type __read_mostly = { [IPSET_ATTR_LINENO] = { .type = NLA_U32 }, [IPSET_ATTR_BYTES] = { .type = NLA_U64 }, [IPSET_ATTR_PACKETS] = { .type = NLA_U64 }, - [IPSET_ATTR_COMMENT] = { .type = NLA_NUL_STRING }, + [IPSET_ATTR_COMMENT] = { .type = NLA_NUL_STRING, + .len = IPSET_MAX_COMMENT_SIZE }, [IPSET_ATTR_SKBMARK] = { .type = NLA_U64 }, [IPSET_ATTR_SKBPRIO] = { .type = NLA_U32 }, [IPSET_ATTR_SKBQUEUE] = { .type = NLA_U16 }, |