Merging upstream version 6.1.85.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-16 03:22:58 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-16 03:22:58 +0000
commit: e5e4452190fd42838db4b11912bd8cd03fa61e08 (patch)
tree: 374214b3170254d7666dd99241b14417b54983c2 /net/ipv4/netfilter/ip_tables.c
parent: Releasing progress-linux version 6.1.82-1progress7u1. (diff)
download: linux-e5e4452190fd42838db4b11912bd8cd03fa61e08.tar.xz
linux-e5e4452190fd42838db4b11912bd8cd03fa61e08.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index da5998011..1f365e28e 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1110,6 +1110,8 @@ do_replace(struct net *net, sockptr_t arg, unsigned int len)
 	void *loc_cpu_entry;
 	struct ipt_entry *iter;
 
+	if (len < sizeof(tmp))
+		return -EINVAL;
 	if (copy_from_sockptr(&tmp, arg, sizeof(tmp)) != 0)
 		return -EFAULT;
 
@@ -1494,6 +1496,8 @@ compat_do_replace(struct net *net, sockptr_t arg, unsigned int len)
 	void *loc_cpu_entry;
 	struct ipt_entry *iter;
 
+	if (len < sizeof(tmp))
+		return -EINVAL;
 	if (copy_from_sockptr(&tmp, arg, sizeof(tmp)) != 0)
 		return -EFAULT;
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-16 03:22:58 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-16 03:22:58 +0000
commit	e5e4452190fd42838db4b11912bd8cd03fa61e08 (patch)
tree	374214b3170254d7666dd99241b14417b54983c2 /net/ipv4/netfilter/ip_tables.c
parent	Releasing progress-linux version 6.1.82-1progress7u1. (diff)
download	linux-e5e4452190fd42838db4b11912bd8cd03fa61e08.tar.xz linux-e5e4452190fd42838db4b11912bd8cd03fa61e08.zip