git.ipfire.org Git - thirdparty/ipset.git/commit

author	Jozsef Kadlecsik <kadlec@netfilter.org>
	Sun, 19 Jan 2020 11:04:13 +0000 (12:04 +0100)
committer	Jozsef Kadlecsik <kadlec@netfilter.org>
	Sun, 19 Jan 2020 21:09:38 +0000 (22:09 +0100)
commit	b661f385ab7457f4d45b2693631b590aa26c8a8f
tree	0f1eac0549c5a127b8bf0850b8b1ba0375b8f7dc	tree
parent	d5bfa437b4c0efb49873c5f5e4d2e1d543252112	commit \| diff

netfilter: ipset: use bitmap infrastructure completely

The bitmap allocation did not use full unsigned long sizes
when calculating the required size and that was triggered by KASAN
as slab-out-of-bounds read in several places. The patch fixes all
of them.

Reported-by: syzbot+fabca5cbf5e54f3fe2de@syzkaller.appspotmail.com
Reported-by: syzbot+827ced406c9a1d9570ed@syzkaller.appspotmail.com
Reported-by: syzbot+190d63957b22ef673ea5@syzkaller.appspotmail.com
Reported-by: syzbot+dfccdb2bdb4a12ad425e@syzkaller.appspotmail.com
Reported-by: syzbot+df0d0f5895ef1f41a65b@syzkaller.appspotmail.com
Reported-by: syzbot+b08bd19bb37513357fd4@syzkaller.appspotmail.com
Reported-by: syzbot+53cdd0ec0bbabd53370a@syzkaller.appspotmail.com
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>

kernel/include/linux/netfilter/ipset/ip_set.h		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_bitmap_gen.h		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_bitmap_ip.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_bitmap_ipmac.c		diff \| blob \| blame \| history
kernel/net/netfilter/ipset/ip_set_bitmap_port.c		diff \| blob \| blame \| history