|
 |
9a3fa7 |
From f958c3a78f14140e7ee983c3698918fe35f1a7af Mon Sep 17 00:00:00 2001
|
|
|
9a3fa7 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
9a3fa7 |
Date: Fri, 15 Mar 2019 17:50:10 +0100
|
|
|
9a3fa7 |
Subject: [PATCH] libxtables: Fix potential array overrun in
|
|
|
9a3fa7 |
xtables_option_parse()
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1525980
|
|
|
9a3fa7 |
Upstream Status: iptables commit 4144571f87c09
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
commit 4144571f87c094471419ef59e8bb89ef33cd1365
|
|
|
9a3fa7 |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
9a3fa7 |
Date: Mon Sep 10 23:35:13 2018 +0200
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
libxtables: Fix potential array overrun in xtables_option_parse()
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
If entry->type is to be used as array index, it needs to be at max one
|
|
|
9a3fa7 |
less than that array's size.
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
9a3fa7 |
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
9a3fa7 |
---
|
|
|
9a3fa7 |
libxtables/xtoptions.c | 2 +-
|
|
|
9a3fa7 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
9a3fa7 |
|
|
|
9a3fa7 |
diff --git a/libxtables/xtoptions.c b/libxtables/xtoptions.c
|
|
|
9a3fa7 |
index 78e9abd6a3f47..0c63c2d372dea 100644
|
|
|
9a3fa7 |
--- a/libxtables/xtoptions.c
|
|
|
9a3fa7 |
+++ b/libxtables/xtoptions.c
|
|
|
9a3fa7 |
@@ -864,7 +864,7 @@ void xtables_option_parse(struct xt_option_call *cb)
|
|
|
9a3fa7 |
* a *RC option type.
|
|
|
9a3fa7 |
*/
|
|
|
9a3fa7 |
cb->nvals = 1;
|
|
|
9a3fa7 |
- if (entry->type <= ARRAY_SIZE(xtopt_subparse) &&
|
|
|
9a3fa7 |
+ if (entry->type < ARRAY_SIZE(xtopt_subparse) &&
|
|
|
9a3fa7 |
xtopt_subparse[entry->type] != NULL)
|
|
|
9a3fa7 |
xtopt_subparse[entry->type](cb);
|
|
|
9a3fa7 |
/* Exclusion with other flags tested later in finalize. */
|
|
|
9a3fa7 |
--
|
|
|
9a3fa7 |
2.21.0
|
|
|
9a3fa7 |
|