author | Pablo Neira Ayuso <pablo@netfilter.org> | 2024-04-09 13:47:33 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2024-04-11 12:13:11 +0200 |
commit | 87b3593bed1868b2d9fe096c01bcdf0ea86cbebf (patch) | |
tree | 9664c43f10f6a39e0e47919b2e5774dac890cdac /net/netfilter/nf_flow_table_inet.c | |
parent | 3cfc9ec039af60dbd8965ae085b2c2ccdcfbe1cc (diff) | |
netfilter: flowtable: validate pppoe header
Ensure there is sufficient room to access the protocol field of the
PPPoe header. Validate it once before the flowtable lookup, then use a
helper function to access protocol field.
Reported-by: syzbot+b6f07e1c07ef40199081@syzkaller.appspotmail.com
Fixes: 72efd585f714 ("netfilter: flowtable: add pppoe support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_flow_table_inet.c')
-rw-r--r-- | net/netfilter/nf_flow_table_inet.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nf_flow_table_inet.c b/net/netfilter/nf_flow_table_inet.c index 9505f9d188ff..6eef15648b7b 100644 --- a/net/netfilter/nf_flow_table_inet.c +++ b/net/netfilter/nf_flow_table_inet.c @@ -21,7 +21,8 @@ nf_flow_offload_inet_hook(void *priv, struct sk_buff *skb, proto = veth->h_vlan_encapsulated_proto; break; case htons(ETH_P_PPP_SES): - proto = nf_flow_pppoe_proto(skb); + if (!nf_flow_pppoe_proto(skb, &proto)) + return NF_ACCEPT; break; default: proto = skb->protocol; |
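Review bot: In the `case htons(ETH_P_PPP_SES):` branch, the new early `return NF_ACCEPT;` taken when `nf_flow_pppoe_proto(skb, &proto)` fails carries no comment explaining the verdict. NF_ACCEPT lets the packet continue through the remaining hooks and the normal forwarding path rather than dropping it, so a frame whose PPPoE header fails validation is simply not offloaded. A one-line comment above the `return` saying that this is intentional, and that later parsing is relied on to reject the frame, would save the next reader from wondering whether NF_DROP was meant. Separately, this view is limited to nf_flow_table_inet.c, so the helper's new two-argument form is not visible here; at its definition it would help to document the return convention (false when the protocol field cannot be accessed, and whether `proto` is left untouched in that case), since `proto` is read after the `switch` on every path that does not return.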