提交 e453581d 编写于 作者: D David S. Miller

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Pablo Neira Ayuso says:

====================
Netfilter fix for net

The following patch reverts the ebtables chunk that enforces counters that was
introduced in the recently applied d26e2c9f ('Revert "netfilter: ensure
number of counters is >0 in do_replace()"') since this breaks ebtables.
====================
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
...@@ -1117,8 +1117,6 @@ static int do_replace(struct net *net, const void __user *user, ...@@ -1117,8 +1117,6 @@ static int do_replace(struct net *net, const void __user *user,
return -ENOMEM; return -ENOMEM;
if (tmp.num_counters >= INT_MAX / sizeof(struct ebt_counter)) if (tmp.num_counters >= INT_MAX / sizeof(struct ebt_counter))
return -ENOMEM; return -ENOMEM;
if (tmp.num_counters == 0)
return -EINVAL;
tmp.name[sizeof(tmp.name) - 1] = 0; tmp.name[sizeof(tmp.name) - 1] = 0;
...@@ -2161,8 +2159,6 @@ static int compat_copy_ebt_replace_from_user(struct ebt_replace *repl, ...@@ -2161,8 +2159,6 @@ static int compat_copy_ebt_replace_from_user(struct ebt_replace *repl,
return -ENOMEM; return -ENOMEM;
if (tmp.num_counters >= INT_MAX / sizeof(struct ebt_counter)) if (tmp.num_counters >= INT_MAX / sizeof(struct ebt_counter))
return -ENOMEM; return -ENOMEM;
if (tmp.num_counters == 0)
return -EINVAL;
memcpy(repl, &tmp, offsetof(struct ebt_replace, hook_entry)); memcpy(repl, &tmp, offsetof(struct ebt_replace, hook_entry));
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册