netfilter: ipset: Limit the maximal range of consecutive elements to add/delete
[ Upstream commit 5f7b51bf09baca8e4f80cbe879536842bafb5f31 ] The range size of consecutive elements were not limited. Thus one could define a huge range which may result soft lockup errors due to the long execution time. Now the range size is limited to 2^20 entries. Reported-by: Brad Spengler <spender@grsecurity.net> Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Stable-dep-of: c7aa1a76d4a0 ("netfilter: ipset: regression in ip_set_hash_ip.c") Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Jozsef Kadlecsik
committed by
Greg Kroah-Hartman
Greg Kroah-Hartman
parent
8dca384970
commit
e62e62ea91
@@ -198,6 +198,9 @@ struct ip_set_region {
|
||||
u32 elements; /* Number of elements vs timeout */
|
||||
};
|
||||
|
||||
/* Max range where every element is added/deleted in one step */
|
||||
#define IPSET_MAX_RANGE (1<<20)
|
||||
|
||||
/* The core set type structure */
|
||||
struct ip_set_type {
|
||||
struct list_head list;
|
||||
|
||||
Reference in New Issue
Block a user