]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7d2d039) | patch
netfilter: nft_limit: do not ignore unsupported flags
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 9 Jan 2024 23:42:37 +0000 (00:42 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 25 Jan 2024 23:45:29 +0000 (15:45 -0800)
commitae6c0543ff13b892ad4092b97ff9813d9fb3ad8a
tree297e20f50cabd267e09b094d9cc245d1f137fac6tree | snapshot
parent7d2d03936a97903ecb7d9554971982947cd86f86commit | diff
netfilter: nft_limit: do not ignore unsupported flags

[ Upstream commit 91a139cee1202a4599a380810d93c69b5bac6197 ]

Bail out if userspace provides unsupported flags, otherwise future
extensions to the limit expression will be silently ignored by the
kernel.

Fixes: c7862a5f0de5 ("netfilter: nft_limit: allow to invert matching criteria")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/netfilter/nft_limit.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git