diff options
author | Eric Dumazet <edumazet@google.com> | 2017-10-05 02:50:07 -0700 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-10-06 15:04:05 +0200 |
commit | e466af75c074e76107ae1cd5a2823e9c61894ffb (patch) | |
tree | d89583ebd5b7d23418dbc0d44472f60eecd66ccd /net/netfilter/xt_nfacct.c | |
parent | 5f9bfe0ef622a7bb9707c22ceb4b6451e1e2cb7b (diff) |
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
syzkaller reports an out of bound read in strlcpy(), triggered
by xt_copy_counters_from_user()
Fix this by using memcpy(), then forcing a zero byte at the last position
of the destination, as Florian did for the non COMPAT code.
Fixes: d7591f0c41ce ("netfilter: x_tables: introduce and use xt_copy_counters_from_user")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/xt_nfacct.c')
0 files changed, 0 insertions, 0 deletions