Adding upstream version 6.1.90.upstream/6.1.90 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-07 02:18:06 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-05-07 02:18:06 +0000
commit: dbbf0dcdfc9a5d90d5146bb195fce97064d92c76 (patch)
tree: bab1434b47a284ca2893dcc0b908d1b95d982e7c /net/ipv4/netfilter/ip_tables.c
parent: Adding upstream version 6.1.85. (diff)
download: linux-dbbf0dcdfc9a5d90d5146bb195fce97064d92c76.tar.xz
linux-dbbf0dcdfc9a5d90d5146bb195fce97064d92c76.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 1f365e28e..a6208efcf 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1120,6 +1120,8 @@ do_replace(struct net *net, sockptr_t arg, unsigned int len)
 		return -ENOMEM;
 	if (tmp.num_counters == 0)
 		return -EINVAL;
+	if ((u64)len < (u64)tmp.size + sizeof(tmp))
+		return -EINVAL;
 
 	tmp.name[sizeof(tmp.name)-1] = 0;
 
@@ -1506,6 +1508,8 @@ compat_do_replace(struct net *net, sockptr_t arg, unsigned int len)
 		return -ENOMEM;
 	if (tmp.num_counters == 0)
 		return -EINVAL;
+	if ((u64)len < (u64)tmp.size + sizeof(tmp))
+		return -EINVAL;
 
 	tmp.name[sizeof(tmp.name)-1] = 0;
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-07 02:18:06 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-05-07 02:18:06 +0000
commit	dbbf0dcdfc9a5d90d5146bb195fce97064d92c76 (patch)
tree	bab1434b47a284ca2893dcc0b908d1b95d982e7c /net/ipv4/netfilter/ip_tables.c
parent	Adding upstream version 6.1.85. (diff)
download	linux-dbbf0dcdfc9a5d90d5146bb195fce97064d92c76.tar.xz linux-dbbf0dcdfc9a5d90d5146bb195fce97064d92c76.zip