提交 09525a09 编写于 作者: D Dan Carpenter 提交者: Pablo Neira Ayuso

netfilter: nf_tables: underflow in nft_parse_u32_check()

We don't want to allow negatives here.

Fixes: 36b701fa ('netfilter: nf_tables: validate maximum value of u32 netlink attributes')
Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
上级 5751e175
......@@ -4423,7 +4423,7 @@ static int nf_tables_check_loops(const struct nft_ctx *ctx,
*/
unsigned int nft_parse_u32_check(const struct nlattr *attr, int max, u32 *dest)
{
int val;
u32 val;
val = ntohl(nla_get_be32(attr));
if (val > max)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册