From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Sriram Yagnaraman <sriram.yagnaraman@est.tech>
Cc: netfilter-devel@vger.kernel.org, Florian Westphal <fw@strlen.de>,
Marcelo Ricardo Leitner <mleitner@redhat.com>,
Long Xin <lxin@redhat.com>,
Claudio Porfiri <claudio.porfiri@ericsson.com>
Subject: Re: [PATCH 2/3] netfilter: conntrack: fix bug in for_each_sctp_chunk
Date: Tue, 17 Jan 2023 12:48:08 +0100 [thread overview]
Message-ID: <Y8aK+OmsbeaYRhO9@salvia> (raw)
In-Reply-To: <20230116093556.9437-3-sriram.yagnaraman@est.tech>
On Mon, Jan 16, 2023 at 10:35:55AM +0100, Sriram Yagnaraman wrote:
> skb_header_pointer() will return NULL if offset + sizeof(_sch) exceeds
> skb->len, so this offset < skb->len test is redundant.
>
> if sch->length == 0, this will end up in an infinite loop, add a check
> for sch->length > 0
If this is broken since the beginning, then:
Fixes: 9fb9cbb1082d ("[NETFILTER]: Add nf_conntrack subsystem.")
is sufficiently old for -stable kernels to pick up this.
Let me know if this looks good to you, thanks
next prev parent reply other threads:[~2023-01-17 11:48 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-16 9:35 [PATCH 0/3] sctp conntrack fixes Sriram Yagnaraman
2023-01-16 9:35 ` [PATCH 1/3] netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE Sriram Yagnaraman
2023-01-17 11:47 ` Pablo Neira Ayuso
2023-01-16 9:35 ` [PATCH 2/3] netfilter: conntrack: fix bug in for_each_sctp_chunk Sriram Yagnaraman
2023-01-17 11:48 ` Pablo Neira Ayuso [this message]
2023-01-16 9:35 ` [PATCH 3/3] netfilter: conntrack: unify established states for SCTP paths Sriram Yagnaraman
2023-01-17 11:54 ` Pablo Neira Ayuso
2023-01-17 12:01 ` Pablo Neira Ayuso
2023-01-17 20:13 ` Sriram Yagnaraman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y8aK+OmsbeaYRhO9@salvia \
--to=pablo@netfilter.org \
--cc=claudio.porfiri@ericsson.com \
--cc=fw@strlen.de \
--cc=lxin@redhat.com \
--cc=mleitner@redhat.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=sriram.yagnaraman@est.tech \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.