summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2021-05-28 13:45:16 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2021-06-02 12:43:50 +0200
commit8971ee8b087750a23f3cd4dc55bff2d0303fd267 (patch)
tree991d944462cf1ef084032dfc64557618e809dd91 /net
parent1710eb913bdcda3917f44d383c32de6bdabfc836 (diff)
downloadlinux-8971ee8b087750a23f3cd4dc55bff2d0303fd267.tar.gz
linux-8971ee8b087750a23f3cd4dc55bff2d0303fd267.tar.bz2
linux-8971ee8b087750a23f3cd4dc55bff2d0303fd267.zip
netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches
The private helper data size cannot be updated. However, updates that contain NFCTH_PRIV_DATA_LEN might bogusly hit EBUSY even if the size is the same. Fixes: 12f7a505331e ("netfilter: add user-space connection tracking helper infrastructure") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nfnetlink_cthelper.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c
index 322ac5dd5402..752b10cae524 100644
--- a/net/netfilter/nfnetlink_cthelper.c
+++ b/net/netfilter/nfnetlink_cthelper.c
@@ -380,10 +380,14 @@ static int
nfnl_cthelper_update(const struct nlattr * const tb[],
struct nf_conntrack_helper *helper)
{
+ u32 size;
int ret;
- if (tb[NFCTH_PRIV_DATA_LEN])
- return -EBUSY;
+ if (tb[NFCTH_PRIV_DATA_LEN]) {
+ size = ntohl(nla_get_be32(tb[NFCTH_PRIV_DATA_LEN]));
+ if (size != helper->data_len)
+ return -EBUSY;
+ }
if (tb[NFCTH_POLICY]) {
ret = nfnl_cthelper_update_policy(helper, tb[NFCTH_POLICY]);