summaryrefslogtreecommitdiff
path: root/net/netfilter
diff options
context:
space:
mode:
authorMark Brown <broonie@kernel.org>2018-07-13 13:22:34 +0100
committerMark Brown <broonie@kernel.org>2018-07-13 13:22:34 +0100
commit7afb85bf7a1ecc75778c158f660c37a7b9399f66 (patch)
tree75e2390eebb85806dd6cf2d89e7f3f535dfee4dc /net/netfilter
parent7a3f6e8d2096d244ad7080673497d43f15e08bdb (diff)
parent8ad23d861c38c89cb1a16d611b4f5a3c920b1a73 (diff)
Merge branch 'linux-linaro-lsk-v4.4' into linux-linaro-lsk-v4.4-android
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/nf_log.c9
-rw-r--r--net/netfilter/nf_tables_core.c3
2 files changed, 8 insertions, 4 deletions
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
index 2c89f90cd7bc..f94a2e1172f0 100644
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -422,14 +422,17 @@ static int nf_log_proc_dostring(struct ctl_table *table, int write,
rcu_assign_pointer(net->nf.nf_loggers[tindex], logger);
mutex_unlock(&nf_log_mutex);
} else {
+ struct ctl_table tmp = *table;
+
+ tmp.data = buf;
mutex_lock(&nf_log_mutex);
logger = nft_log_dereference(net->nf.nf_loggers[tindex]);
if (!logger)
- table->data = "NONE";
+ strlcpy(buf, "NONE", sizeof(buf));
else
- table->data = logger->name;
- r = proc_dostring(table, write, buffer, lenp, ppos);
+ strlcpy(buf, logger->name, sizeof(buf));
mutex_unlock(&nf_log_mutex);
+ r = proc_dostring(&tmp, write, buffer, lenp, ppos);
}
return r;
diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c
index f3695a497408..99bc2f87a974 100644
--- a/net/netfilter/nf_tables_core.c
+++ b/net/netfilter/nf_tables_core.c
@@ -167,7 +167,8 @@ next_rule:
switch (regs.verdict.code) {
case NFT_JUMP:
- BUG_ON(stackptr >= NFT_JUMP_STACK_SIZE);
+ if (WARN_ON_ONCE(stackptr >= NFT_JUMP_STACK_SIZE))
+ return NF_DROP;
jumpstack[stackptr].chain = chain;
jumpstack[stackptr].rule = rule;
jumpstack[stackptr].rulenum = rulenum;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 08:07:02 +0000