diff options
author | Jakub Kicinski <kuba@kernel.org> | 2020-12-18 18:07:13 -0800 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2020-12-18 18:07:14 -0800 |
commit | 1e72faedcd58afd9d67fad40500cb4d1837f4361 (patch) | |
tree | 294d2b1795787c48ac5cac8551cfad6b7b840041 /net/ipv6 | |
parent | 698285da79f5b0b099db15a37ac661ac408c80eb (diff) | |
parent | 5c8193f568ae16f3242abad6518dc2ca6c8eef86 (diff) | |
download | linux-1e72faedcd58afd9d67fad40500cb4d1837f4361.tar.gz linux-1e72faedcd58afd9d67fad40500cb4d1837f4361.tar.bz2 linux-1e72faedcd58afd9d67fad40500cb4d1837f4361.zip |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
1) Incorrect loop in error path of nft_set_elem_expr_clone(),
from Colin Ian King.
2) Missing xt_table_get_private_protected() to access table
private data in x_tables, from Subash Abhinov Kasiviswanathan.
3) Possible oops in ipset hash type resize, from Vasily Averin.
4) Fix shift-out-of-bounds in ipset hash type, also from Vasily.
* git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf:
netfilter: ipset: fix shift-out-of-bounds in htable_bits()
netfilter: ipset: fixes possible oops in mtype_resize
netfilter: x_tables: Update remaining dereference to RCU
netfilter: nftables: fix incorrect increment of loop counter
====================
Link: https://lore.kernel.org/r/20201218120409.3659-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net/ipv6')
-rw-r--r-- | net/ipv6/netfilter/ip6_tables.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index c4f532f4d311..0d453fa9e327 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -1598,7 +1598,7 @@ compat_get_entries(struct net *net, struct compat_ip6t_get_entries __user *uptr, xt_compat_lock(AF_INET6); t = xt_find_table_lock(net, AF_INET6, get.name); if (!IS_ERR(t)) { - const struct xt_table_info *private = t->private; + const struct xt_table_info *private = xt_table_get_private_protected(t); struct xt_table_info info; ret = compat_table_info(private, &info); if (!ret && get.size == info.size) |