UPSTREAM: netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets

commit b71812168571fa55e44cdd0254471331b9c4c4c6 upstream.

We need to make sure the offsets are not out of range of the
total size.
Also check that they are in ascending order.

The WARN_ON triggered by syzkaller (it sets panic_on_warn) is
changed to also bail out, no point in continuing parsing.

Briefly tested with simple ruleset of
-A INPUT --limit 1/s' --log
plus jump to custom chains using 32bit ebtables binary.

Reported-by: <syzbot+845a53d13171abf8bf29@syzkaller.appspotmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

BUG=chromium:831539
TEST=Build and boot

(cherry picked from commit eaa06bfba8eabd44ce952758046492eebc973bbe)
Signed-off-by: Guenter Roeck <groeck@chromium.org>

Change-Id: I89db5561918203a825ae92271142a4d7cd1716a9
Reviewed-on: https://chromium-review.googlesource.com/1007522
Reviewed-by: Guenter Roeck <groeck@chromium.org>
Commit-Queue: Guenter Roeck <groeck@chromium.org>
Tested-by: Guenter Roeck <groeck@chromium.org>
(cherry picked from commit f6f6e0c235939bd12c519061eefbe40e268a38cc)
Reviewed-on: https://chromium-review.googlesource.com/1012435
Tested-by: Robert Kolchmeyer <rkolchmeyer@google.com>
Commit-Queue: Robert Kolchmeyer <rkolchmeyer@google.com>
1 file changed
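
The two checks the commit message describes (each userland-supplied offset must lie within the total size, and the offsets must be in ascending order), shown as an added userspace example; this is not the kernel patch. The `rule_hdr` layout, its field names and the helper functions are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified header of a variable-length rule supplied by an
 * untrusted caller. All offsets are relative to the start of the rule. */
struct rule_hdr { uint32_t watchers_off, target_off, next_off; };

/* 0 if every offset is within `total` and the sequence is ascending. */
int check_offsets(const struct rule_hdr *h, size_t total)
{
    size_t off[4] = { sizeof(*h), h->watchers_off, h->target_off, h->next_off };
    for (size_t i = 0; i < 4; i++) {
        if (off[i] > total)
            return -1;                  /* points past the data we hold */
        if (i > 0 && off[i - 1] > off[i])
            return -1;                  /* not in ascending order */
    }
    return 0;
}

/* Walk a blob of rules; return the rule count, or -1 on the first bad rule.
 * Ascending order from sizeof(hdr) also forces next_off > 0, so the loop
 * always advances and `len -= next_off` cannot underflow. */
int count_rules(const unsigned char *buf, size_t len)
{
    int n = 0;
    while (len > 0) {
        struct rule_hdr h;
        if (len < sizeof(h))
            return -1;                  /* truncated header */
        memcpy(&h, buf, sizeof(h));     /* copy out: no unaligned access */
        if (check_offsets(&h, len) != 0)
            return -1;                  /* bail out, do not keep parsing */
        buf += h.next_off;
        len -= h.next_off;
        n++;
    }
    return n;
}

/* Write a constructed sample header at `buf`. */
void put_rule(unsigned char *buf, uint32_t w, uint32_t t, uint32_t n)
{
    struct rule_hdr h = { w, t, n };
    memcpy(buf, &h, sizeof(h));
}

int main(void)
{
    unsigned char blob[44] = {0};       /* constructed sample input */
    put_rule(blob, 12, 16, 24);
    put_rule(blob + 24, 12, 12, 20);
    printf("rules: %d\n", count_rules(blob, sizeof(blob)));
    return 0;
}
```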