Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
24955619
Commit
24955619
authored
Jun 22, 2009
by
Patrick McHardy
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
netfilter: nf_log: fix direct userspace memory access in proc handler
Signed-off-by:
Patrick McHardy
<
kaber@trash.net
>
parent
f9ffc312
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
11 additions
and
5 deletions
+11
-5
net/netfilter/nf_log.c
net/netfilter/nf_log.c
+11
-5
No files found.
net/netfilter/nf_log.c
View file @
24955619
...
@@ -47,7 +47,6 @@ int nf_log_register(u_int8_t pf, struct nf_logger *logger)
...
@@ -47,7 +47,6 @@ int nf_log_register(u_int8_t pf, struct nf_logger *logger)
mutex_lock
(
&
nf_log_mutex
);
mutex_lock
(
&
nf_log_mutex
);
if
(
pf
==
NFPROTO_UNSPEC
)
{
if
(
pf
==
NFPROTO_UNSPEC
)
{
int
i
;
for
(
i
=
NFPROTO_UNSPEC
;
i
<
NFPROTO_NUMPROTO
;
i
++
)
for
(
i
=
NFPROTO_UNSPEC
;
i
<
NFPROTO_NUMPROTO
;
i
++
)
list_add_tail
(
&
(
logger
->
list
[
i
]),
&
(
nf_loggers_l
[
i
]));
list_add_tail
(
&
(
logger
->
list
[
i
]),
&
(
nf_loggers_l
[
i
]));
}
else
{
}
else
{
...
@@ -216,7 +215,7 @@ static const struct file_operations nflog_file_ops = {
...
@@ -216,7 +215,7 @@ static const struct file_operations nflog_file_ops = {
#endif
/* PROC_FS */
#endif
/* PROC_FS */
#ifdef CONFIG_SYSCTL
#ifdef CONFIG_SYSCTL
struct
ctl_path
nf_log_sysctl_path
[]
=
{
st
atic
st
ruct
ctl_path
nf_log_sysctl_path
[]
=
{
{
.
procname
=
"net"
,
.
ctl_name
=
CTL_NET
,
},
{
.
procname
=
"net"
,
.
ctl_name
=
CTL_NET
,
},
{
.
procname
=
"netfilter"
,
.
ctl_name
=
NET_NETFILTER
,
},
{
.
procname
=
"netfilter"
,
.
ctl_name
=
NET_NETFILTER
,
},
{
.
procname
=
"nf_log"
,
.
ctl_name
=
CTL_UNNUMBERED
,
},
{
.
procname
=
"nf_log"
,
.
ctl_name
=
CTL_UNNUMBERED
,
},
...
@@ -228,19 +227,26 @@ static struct ctl_table nf_log_sysctl_table[NFPROTO_NUMPROTO+1];
...
@@ -228,19 +227,26 @@ static struct ctl_table nf_log_sysctl_table[NFPROTO_NUMPROTO+1];
static
struct
ctl_table_header
*
nf_log_dir_header
;
static
struct
ctl_table_header
*
nf_log_dir_header
;
static
int
nf_log_proc_dostring
(
ctl_table
*
table
,
int
write
,
struct
file
*
filp
,
static
int
nf_log_proc_dostring
(
ctl_table
*
table
,
int
write
,
struct
file
*
filp
,
void
*
buffer
,
size_t
*
lenp
,
loff_t
*
ppos
)
void
__user
*
buffer
,
size_t
*
lenp
,
loff_t
*
ppos
)
{
{
const
struct
nf_logger
*
logger
;
const
struct
nf_logger
*
logger
;
char
buf
[
NFLOGGER_NAME_LEN
];
size_t
size
=
*
lenp
;
int
r
=
0
;
int
r
=
0
;
int
tindex
=
(
unsigned
long
)
table
->
extra1
;
int
tindex
=
(
unsigned
long
)
table
->
extra1
;
if
(
write
)
{
if
(
write
)
{
if
(
!
strcmp
(
buffer
,
"NONE"
))
{
if
(
size
>
sizeof
(
buf
))
size
=
sizeof
(
buf
);
if
(
copy_from_user
(
buf
,
buffer
,
size
))
return
-
EFAULT
;
if
(
!
strcmp
(
buf
,
"NONE"
))
{
nf_log_unbind_pf
(
tindex
);
nf_log_unbind_pf
(
tindex
);
return
0
;
return
0
;
}
}
mutex_lock
(
&
nf_log_mutex
);
mutex_lock
(
&
nf_log_mutex
);
logger
=
__find_logger
(
tindex
,
buf
fer
);
logger
=
__find_logger
(
tindex
,
buf
);
if
(
logger
==
NULL
)
{
if
(
logger
==
NULL
)
{
mutex_unlock
(
&
nf_log_mutex
);
mutex_unlock
(
&
nf_log_mutex
);
return
-
ENOENT
;
return
-
ENOENT
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment