1
linux/net/netfilter
Evgeniy Polyakov 7799652557 [NETFILTER]: Fix NULL pointer dereference in nf_nat_move_storage()
Reported by Chuck Ebbert as:

	https://bugzilla.redhat.com/show_bug.cgi?id=259501#c14

This routine is called each time hash should be replaced, nf_conn has
extension list which contains pointers to connection tracking users
(like nat, which is right now the only such user), so when replace takes
place it should copy own extensions. Loop above checks for own
extension, but tries to move higer-layer one, which can lead to above
oops.

Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-11-15 15:52:32 -08:00
..
core.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
Kconfig Kbuild/doc: fix links to Documentation files 2007-10-30 14:26:30 -07:00
Makefile [NETFILTER]: Clean up Makefile 2007-11-07 04:08:22 -08:00
nf_conntrack_amanda.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_core.c [NETFILTER]: nf_ct_alloc_hashtable(): use __GFP_NOWARN 2007-10-29 22:37:31 -07:00
nf_conntrack_ecache.c [NETFILTER]: nf_conntrack_expect: function naming unification 2007-07-10 22:17:53 -07:00
nf_conntrack_expect.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nf_conntrack_extend.c [NETFILTER]: Fix NULL pointer dereference in nf_nat_move_storage() 2007-11-15 15:52:32 -08:00
nf_conntrack_ftp.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_h323_asn1.c [NETFILTER]: nf_conntrack_h323: check range first in sequence extension 2007-07-10 22:16:54 -07:00
nf_conntrack_h323_main.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_h323_types.c [NETFILTER]: nf_conntrack_h323: fix ASN.1 types 2007-05-24 16:42:26 -07:00
nf_conntrack_helper.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_conntrack_irc.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_l3proto_generic.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_conntrack_netbios_ns.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_netlink.c [NETFILTER]: nf_conntrack_netlink: add support to related connections 2007-10-10 16:53:37 -07:00
nf_conntrack_pptp.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_proto_generic.c sysctl: remove broken netfilter binary sysctls 2007-10-18 14:37:23 -07:00
nf_conntrack_proto_gre.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_proto_sctp.c sysctl: remove broken netfilter binary sysctls 2007-10-18 14:37:23 -07:00
nf_conntrack_proto_tcp.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2007-10-18 14:40:30 -07:00
nf_conntrack_proto_udp.c sysctl: remove broken netfilter binary sysctls 2007-10-18 14:37:23 -07:00
nf_conntrack_proto_udplite.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_proto.c
nf_conntrack_sane.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_sip.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_standalone.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nf_conntrack_tftp.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_internals.h [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_log.c [NET] NETFILTER: Fix whitespace errors. 2007-07-19 10:44:21 +09:00
nf_queue.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_sockopt.c [NETFILTER]: fix compat_nf_sockopt typo 2007-11-15 14:29:21 -08:00
nf_sysctl.c
nfnetlink_log.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nfnetlink_queue.c [NETFILTER]: Avoid skb_copy/pskb_copy/skb_realloc_headroom 2007-10-15 12:26:28 -07:00
nfnetlink.c [NET]: make netlink user -> kernel interface synchronious 2007-10-10 21:15:29 -07:00
x_tables.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_CLASSIFY.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_comment.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_connbytes.c remove asm/bitops.h includes 2007-10-19 11:53:41 -07:00
xt_connlimit.c [NETFILTER]: Copyright/Email update 2007-11-07 04:08:20 -08:00
xt_connmark.c Fix misspellings of "system", "controller", "interrupt" and "necessary". 2007-10-19 23:10:43 +02:00
xt_CONNMARK.c Fix misspellings of "system", "controller", "interrupt" and "necessary". 2007-10-19 23:10:43 +02:00
xt_CONNSECMARK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_conntrack.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_dccp.c [NETFILTER]: x_tables: add missing ip6t_modulename aliases 2007-10-11 14:36:40 -07:00
xt_dscp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_DSCP.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_esp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_hashlimit.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_helper.c [NETFILTER]: xt_helper: use RCU 2007-07-10 22:18:19 -07:00
xt_length.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_limit.c more UTF-8 conversions 2007-10-19 23:22:11 +02:00
xt_mac.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_mark.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_MARK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_multiport.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NFLOG.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_NFQUEUE.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_NOTRACK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_physdev.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
xt_pkttype.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_policy.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_quota.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_realm.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_sctp.c [NETFILTER]: xt_sctp: fix mistake to pass a pointer where array is required 2007-10-18 05:12:21 -07:00
xt_SECMARK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_state.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_statistic.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_string.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_tcpmss.c [NETFILTER]: x_tables: add missing ip6t_modulename aliases 2007-10-11 14:36:40 -07:00
xt_TCPMSS.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_tcpudp.c [NETFILTER]: xt_tcpudp: fix wrong struct in udp_checkentry 2007-08-30 22:36:43 -07:00
xt_time.c [NETFILTER]: xt_time should not assume CONFIG_KTIME_SCALAR 2007-11-13 03:49:53 -08:00
xt_TRACE.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_u32.c [NETFILTER]: Copyright/Email update 2007-11-07 04:08:20 -08:00