summaryrefslogtreecommitdiffstats
path: root/fs/cachefiles
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2015-02-20 17:11:10 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2015-02-22 21:05:08 +0100
commit02263db00b6cb98701332aa257c07ca549c2324b (patch)
tree2b3587d9765bf0cb7bab99b3cc60a77945608008 /fs/cachefiles
parent2156d321b879cdadb95a633d046169cfebdbf784 (diff)
downloadlinux-02263db00b6cb98701332aa257c07ca549c2324b.tar.gz
linux-02263db00b6cb98701332aa257c07ca549c2324b.tar.bz2
linux-02263db00b6cb98701332aa257c07ca549c2324b.zip
netfilter: nf_tables: fix addition/deletion of elements from commit/abort
We have several problems in this path: 1) There is a use-after-free when removing individual elements from the commit path. 2) We have to uninit() the data part of the element from the abort path to avoid a chain refcount leak. 3) We have to check for set->flags to see if there's a mapping, instead of the element flags. 4) We have to check for !(flags & NFT_SET_ELEM_INTERVAL_END) to skip elements that are part of the interval that have no data part, so they don't need to be uninit(). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'fs/cachefiles')
0 files changed, 0 insertions, 0 deletions