superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/net/core
History
Phil Sutter 2acedc5372 net: skb_find_text: Ignore patterns extending past 'to' 
[ Upstream commit c4eee56e14 ]

Assume that caller's 'to' offset really represents an upper boundary for
the pattern search, so patterns extending past this offset are to be
rejected.

The old behaviour also was kind of inconsistent when it comes to
fragmentation (or otherwise non-linear skbs): If the pattern started in
between 'to' and 'from' offsets but extended to the next fragment, it
was not found if 'to' offset was still within the current fragment.

Test the new behaviour in a kselftest using iptables' string match.

Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org>
Fixes: f72b948dcb ("[NET]: skb_find_text ignores to argument")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Florian Westphal <fw@strlen.de>
Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-11-20 11:51:54 +01:00
..
Makefile devlink: move code to a dedicated directory 2023-08-30 16:11:00 +02:00
bpf_sk_storage.c bpf: Add length check for SK_DIAG_BPF_STORAGE_REQ_MAP_FD parsing 2023-08-11 12:08:12 +02:00
datagram.c net: datagram: fix data-races in datagram_poll() 2023-05-24 17:32:32 +01:00
dev.c net: move altnames together with the netdevice 2023-10-25 12:03:16 +02:00
dev.h net: check for altname conflicts when changing netdev's netns 2023-10-25 12:03:08 +02:00
dev_addr_lists.c
dev_addr_lists_test.c
dev_ioctl.c
drop_monitor.c
dst.c
dst_cache.c
failover.c
fib_notifier.c
fib_rules.c
filter.c neighbour: switch to standard rcu, instead of rcu_bh 2023-10-10 22:00:42 +02:00
flow_dissector.c net/core: Fix ETH_P_1588 flow dissector 2023-10-06 14:56:36 +02:00
flow_offload.c
gen_estimator.c
gen_stats.c
gro.c skb: Do mix page pool and page referenced frags in GRO 2023-02-09 11:28:05 +01:00
gro_cells.c net: drop the weight argument from netif_napi_add 2022-09-28 18:57:14 -07:00
hwbm.c
link_watch.c
lwt_bpf.c lwt: Fix return values of BPF xmit ops 2023-09-13 09:42:33 +02:00
lwtunnel.c xfrm: lwtunnel: squelch kernel warning in case XFRM encap type is not available 2022-10-12 10:45:51 +02:00
neighbour.c neighbour: fix various data-races 2023-11-02 09:35:27 +01:00
net-procfs.c
net-sysfs.c net-sysfs: Convert to use sysfs_emit() APIs 2022-09-30 12:27:44 +01:00
net-sysfs.h
net-traces.c
net_namespace.c net: fix UaF in netns ops registration error path 2023-02-01 08:34:43 +01:00
netclassid_cgroup.c
netevent.c
netpoll.c net: don't let netpoll invoke NAPI if in xmit context 2023-04-13 16:55:21 +02:00
netprio_cgroup.c
of_net.c
page_pool.c page_pool: fix inconsistency for page_pool_ring_[un]lock() 2023-06-05 09:26:20 +02:00
pktgen.c net: pktgen: Fix interface flags printing 2023-10-25 12:03:08 +02:00
ptp_classifier.c
request_sock.c
rtnetlink.c netlink: Correct offload_xstats size 2023-10-25 12:03:07 +02:00
scm.c scm: add user copy checks to put_cmsg() 2023-03-10 09:33:54 +01:00
secure_seq.c
selftests.c
skbuff.c net: skb_find_text: Ignore patterns extending past 'to' 2023-11-20 11:51:54 +01:00
skmsg.c bpf, sockmap: Fix skb refcnt race after locking changes 2023-09-19 12:28:02 +02:00
sock.c net: Use sockaddr_storage for getsockopt(SO_PEERNAME). 2023-09-23 11:11:02 +02:00
sock_destructor.h
sock_diag.c
sock_map.c bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets 2023-10-10 22:00:41 +02:00
sock_reuseport.c soreuseport: Fix socket selection for SO_INCOMING_CPU. 2022-12-31 13:32:04 +01:00
stream.c tcp: allow again tcp_disconnect() when threads are waiting 2023-10-25 12:03:12 +02:00
sysctl_net_core.c
timestamping.c
tso.c
utils.c
xdp.c xdp: improve page_pool xdp_return performance 2022-09-26 11:28:19 -07:00