xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5711b4e89319c2912f20b2a4f371c1525fc9551d
android_kernel_xiaomi_sm8450/net/ipv4
History
Máté Eckl 5711b4e893 netfilter: nf_tproxy: fix possible non-linear access to transport header 
This patch fixes a silent out-of-bound read possibility that was present
because of the misuse of this function.

Mostly it was called with a struct udphdr *hp which had only the udphdr
part linearized by the skb_header_pointer, however
nf_tproxy_get_sock_v{4,6} uses it as a tcphdr pointer, so some reads for
tcp specific attributes may be invalid.

Fixes: a583636a83 ("inet: refactor inet[6]_lookup functions to take skb")
Signed-off-by: Máté Eckl <ecklm94@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-07-06 14:32:44 +02:00
..
bpfilter
net: bpfilter: make function bpfilter_mbox_request() static
2018-05-29 09:51:44 -04:00
netfilter
netfilter: nf_tproxy: fix possible non-linear access to transport header
2018-07-06 14:32:44 +02:00
af_inet.c
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
ah4.c
net: use -ENOSPC for transient busy indication
2017-11-03 22:11:17 +08:00
arp.c
proc: introduce proc_create_net{,_data}
2018-05-16 07:24:30 +02:00
cipso_ipv4.c
tcp/dccp: fix ireq->opt races
2017-10-21 01:33:19 +01:00
datagram.c
net: Set sk_txhash from a random number
2015-07-29 22:44:04 -07:00
devinet.c
net/ipv4: Add support for specifying metric of connected routes
2018-05-29 10:12:45 -04:00
esp4_offload.c
esp: check the NETIF_F_HW_ESP_TX_CSUM bit before segmenting
2018-02-27 10:46:01 +01:00
esp4.c
esp4: remove redundant initialization of pointer esph
2018-02-13 13:59:03 +01:00
fib_frontend.c
treewide: kzalloc() -> kcalloc()
2018-06-12 16:19:22 -07:00
fib_lookup.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fib_notifier.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fib_rules.c
net: fib_rules: add extack support
2018-04-23 10:21:24 -04:00
fib_semantics.c
net: metrics: add proper netlink validation
2018-06-05 12:29:43 -04:00
fib_trie.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2018-06-06 18:39:49 -07:00
fou.c
net: fix use-after-free in GRO with ESP
2018-07-02 20:34:04 +09:00
gre_demux.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-06-30 05:03:36 -04:00
gre_offload.c
net: fix use-after-free in GRO with ESP
2018-07-02 20:34:04 +09:00
icmp.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
igmp.c
proc: introduce proc_create_net{,_data}
2018-05-16 07:24:30 +02:00
inet_connection_sock.c
net: ipv4: remove define INET_CSK_DEBUG and unnecessary EXPORT_SYMBOL
2018-05-10 17:43:55 -04:00
inet_diag.c
sock_diag: request _diag module only when the family or proto has been registered
2018-03-12 11:03:42 -04:00
inet_fragment.c
inet: frags: remove inet_frag_maybe_warn_overflow()
2018-03-31 23:25:39 -04:00
inet_hashtables.c
net/tcp: Fix socket lookups with SO_BINDTODEVICE
2018-06-20 08:03:06 +09:00
inet_timewait_sock.c
soreuseport: initialise timewait reuseport field
2018-04-07 22:32:32 -04:00
inetpeer.c
inetpeer: fix uninit-value in inet_getpeer
2018-04-09 10:57:35 -04:00
ip_forward.c
net: rename skb_gso_validate_mtu -> skb_gso_validate_network_len
2018-03-04 17:49:17 -05:00
ip_fragment.c
inet: frags: fix ip6frag_low_thresh boundary
2018-04-04 12:04:59 -04:00
ip_gre.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-05-21 16:01:54 -04:00
ip_input.c
net: Make ip_ra_chain per struct net
2018-03-22 15:12:56 -04:00
ip_options.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
ip_output.c
ip: limit use of gso_size to udp
2018-06-20 14:41:04 +09:00
ip_sockglue.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-05-26 19:46:15 -04:00
ip_tunnel_core.c
net/ipv4: Update ip_tunnel_metadata_cnt static key to modern api
2018-05-10 15:13:33 -04:00
ip_tunnel.c
ip_tunnel: Fix name string concatenate in __ip_tunnel_create()
2018-06-07 16:27:16 -04:00
ip_vti.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
ipcomp.c
ipv4: coding style: comparison for equality with NULL
2015-04-03 12:11:15 -04:00
ipconfig.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2018-06-06 18:39:49 -07:00
ipip.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
ipmr_base.c
ipmr: fix error path when ipmr_new_table fails
2018-06-05 12:26:41 -04:00
ipmr.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2018-06-06 18:39:49 -07:00
Kconfig
ipmr,ipmr6: Define a uniform vif_device
2018-03-01 13:13:23 -05:00
Makefile
ipv4: support sport, dport and ip_proto in RTM_GETROUTE
2018-05-23 15:14:12 -04:00
metrics.c
net: metrics: add proper netlink validation
2018-06-05 12:29:43 -04:00
netfilter.c
netfilter: remove struct nf_afinfo and its helper functions
2018-01-08 18:11:02 +01:00
netlink.c
ipv4: support sport, dport and ip_proto in RTM_GETROUTE
2018-05-23 15:14:12 -04:00
ping.c
proc: introduce proc_create_net{,_data}
2018-05-16 07:24:30 +02:00
proc.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2018-06-06 18:39:49 -07:00
protocol.c
net: Add sysctl to toggle early demux for tcp and udp
2017-03-24 13:17:07 -07:00
raw_diag.c
net: ipv6: add second dif to raw socket lookups
2017-08-07 11:39:22 -07:00
raw.c
proc: introduce proc_create_net{,_data}
2018-05-16 07:24:30 +02:00
route.c
treewide: kzalloc() -> kcalloc()
2018-06-12 16:19:22 -07:00
syncookies.c
net/ipv4: disable SMC TCP option with SYN Cookies
2018-03-25 20:53:54 -04:00
sysctl_net_ipv4.c
tcp: fix Fast Open key endianness
2018-06-30 18:40:46 +09:00
tcp_bbr.c
tcp_bbr: fix to zero idle_restart only upon S/ACKed data
2018-05-02 11:12:32 -04:00
tcp_bic.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_cdg.c
tcp: cdg: make struct tcp_cdg static
2017-10-16 21:24:25 +01:00
tcp_cong.c
tcp: Namespace-ify sysctl_tcp_default_congestion_control
2017-11-15 14:09:52 +09:00
tcp_cubic.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_dctcp.c
Revert "dctcp: update cwnd on congestion event"
2016-12-06 11:34:24 -05:00
tcp_diag.c
net: sock: replace sk_state_load with inet_sk_state_load and remove sk_state_store
2017-12-20 14:00:25 -05:00
tcp_fastopen.c
tcp: pause Fast Open globally after third consecutive timeout
2017-12-13 15:51:12 -05:00
tcp_highspeed.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_htcp.c
tcp: fix cwnd undo in Reno and HTCP congestion controls
2017-08-06 21:25:10 -07:00
tcp_hybla.c
tcp: make undo_cwnd mandatory for congestion modules
2016-11-21 13:20:17 -05:00
tcp_illinois.c
net/tcp/illinois: replace broken algorithm reference link
2018-02-28 12:03:47 -05:00
tcp_input.c
tcp: prevent bogus FRTO undos with non-SACK flows
2018-07-01 19:23:13 +09:00
tcp_ipv4.c
tcp: verify the checksum of the first data segment in a new connection
2018-06-14 17:04:41 -07:00
tcp_lp.c
tcp: switch TCP TS option (RFC 7323) to 1ms clock
2017-05-17 16:06:01 -04:00
tcp_metrics.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
tcp_minisocks.c
net-tcp: remove useless tw_timeout field
2018-06-05 10:45:24 -04:00
tcp_nv.c
tcp_nv: fix potential integer overflow in tcpnv_acked
2018-01-31 10:26:30 -05:00
tcp_offload.c
tcp: Do not reload skb pointer after skb_gro_receive().
2018-06-11 20:00:56 -07:00
tcp_output.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-05-21 16:01:54 -04:00
tcp_rate.c
tcp: invalidate rate samples during SACK reneging
2017-12-08 10:07:02 -05:00
tcp_recovery.c
tcp: tcp_rack_reo_wnd() can be static
2018-05-18 13:28:40 -04:00
tcp_scalable.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_timer.c
tcp: add SACK compression
2018-05-18 11:40:27 -04:00
tcp_ulp.c
net: add a UID to use for ULP socket assignment
2018-02-06 11:39:31 +01:00
tcp_vegas.c
tcp: fix under-evaluated ssthresh in TCP Vegas
2017-09-29 06:07:00 +01:00
tcp_vegas.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
tcp_veno.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp_westwood.c
tcp: Revert "tcp: remove CA_ACK_SLOWPATH"
2017-08-30 11:20:08 -07:00
tcp_yeah.c
tcp: consolidate congestion control undo functions
2017-08-06 21:25:10 -07:00
tcp.c
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
tunnel4.c
inet: whitespace cleanup
2018-02-28 11:43:28 -05:00
udp_diag.c
udp: fix rx queue len reported by diag and proc interface
2018-06-08 19:55:15 -04:00
udp_impl.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
udp_offload.c
net: fix use-after-free in GRO with ESP
2018-07-02 20:34:04 +09:00
udp_tunnel.c
net: add infrastructure to un-offload UDP tunnel port
2017-07-24 13:52:59 -07:00
udp.c
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
udplite.c
proc: introduce proc_create_net{,_data}
2018-05-16 07:24:30 +02:00
xfrm4_input.c
xfrm: Reinject transport-mode packets through tasklet
2017-12-19 08:23:21 +01:00
xfrm4_mode_beet.c
networking: make skb_pull & friends return void pointers
2017-06-16 11:48:39 -04:00
xfrm4_mode_transport.c
xfrm: Add encapsulation header offsets while SKB is not encrypted
2017-04-14 10:07:39 +02:00
xfrm4_mode_tunnel.c
xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto
2018-03-07 10:54:29 +01:00
xfrm4_output.c
net: xfrm: use skb_gso_validate_network_len() to check gso sizes
2018-03-04 17:49:17 -05:00
xfrm4_policy.c
net: Drop pernet_operations::async
2018-03-27 13:18:09 -04:00
xfrm4_protocol.c
xfrm: input: constify xfrm_input_afinfo
2017-02-09 10:22:17 +01:00
xfrm4_state.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
xfrm4_tunnel.c