From: "John W. Linville" <linville@tuxdriver.com>
To: netfilter-devel@vger.kernel.org
Cc: Patrick McHardy <kaber@trash.net>,
Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>,
"David S. Miller" <davem@davemloft.net>,
netdev@vger.kernel.org, Laura Garcia Liebana <nevola@gmail.com>,
Pablo Neira Ayuso <pablo@netfilter.org>,
Dan Carpenter <dan.carpenter@oracle.com>
Subject: Re: [PATCH] netfilter: fix type mismatch with error return from nft_parse_u32_check
Date: Tue, 25 Oct 2016 15:55:56 -0400 [thread overview]
Message-ID: <20161025195556.GA10443@tuxdriver.com> (raw)
In-Reply-To: <1477422484-27030-1-git-send-email-linville@tuxdriver.com>
On Tue, Oct 25, 2016 at 03:08:04PM -0400, John W. Linville wrote:
> Commit 36b701fae12ac ("netfilter: nf_tables: validate maximum value of
> u32 netlink attributes") introduced nft_parse_u32_check with a return
> value of "unsigned int", yet on error it returns "-ERANGE".
>
> This patch corrects the mismatch by changing the return value to "int",
> which happens to match the actual users of nft_parse_u32_check already.
>
> Found by Coverity, CID 1373930.
>
> Note that commit 21a9e0f1568ea ("netfilter: nft_exthdr: fix error
> handling in nft_exthdr_init()) attempted to address the issue, but
> did not address the return type of nft_parse_u32_check.
>
> Signed-off-by: John W. Linville <linville@tuxdriver.com>
> Cc: Laura Garcia Liebana <nevola@gmail.com>
> Cc: Pablo Neira Ayuso <pablo@netfilter.org>
> Cc: Dan Carpenter <dan.carpenter@oracle.com>
> Fixes: 0eadf37afc250 ("netfilter: nf_tables: validate maximum value...")
The Fixes line is incorrect -- corrected patch to follow!
John
--
John W. Linville Someday the world will need a hero, and you
linville@tuxdriver.com might be all we have. Be ready.
next prev parent reply other threads:[~2016-10-25 20:00 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-25 19:08 [PATCH] netfilter: fix type mismatch with error return from nft_parse_u32_check John W. Linville
2016-10-25 19:55 ` John W. Linville [this message]
2016-10-25 19:56 ` [PATCH v2] " John W. Linville
2016-10-27 16:26 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161025195556.GA10443@tuxdriver.com \
--to=linville@tuxdriver.com \
--cc=dan.carpenter@oracle.com \
--cc=davem@davemloft.net \
--cc=kaber@trash.net \
--cc=kadlec@blackhole.kfki.hu \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=nevola@gmail.com \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.