packages/nftables
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

netlink_linearize: use div_round_up in byteorder length

Browse Source 
(cherry picked from commit 07b379a5b35e4281e548c2ef5f83762f5f7766bb)
This commit is contained in:
zhanghao 2023-08-14 20:51:18 +08:00 committed by openeuler-sync-bot
parent c5ea13ed97
commit 21b20ead7d
2 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
backport-netlink_linearize-use-div_round_up-in-byteorder-length.patch Normal file
View File

@ -0,0 +1,31 @@
From 25e7b99cc450490c38becb03d8bddd0199cfd3f9 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 6 Jul 2023 10:26:39 +0200
Subject: netlink_linearize: use div_round_up in byteorder length
Use div_round_up() to calculate the byteorder length, otherwise fields
that take % BITS_PER_BYTE != 0 are not considered by the byteorder
expression.
Reported-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
src/netlink_linearize.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 92f7e8e..237fb6d 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -737,7 +737,7 @@ static void netlink_gen_unary(struct netlink_linearize_ctx *ctx,
netlink_put_register(nle, NFTNL_EXPR_BYTEORDER_SREG, dreg);
netlink_put_register(nle, NFTNL_EXPR_BYTEORDER_DREG, dreg);
nftnl_expr_set_u32(nle, NFTNL_EXPR_BYTEORDER_LEN,
- expr->len / BITS_PER_BYTE);
+ div_round_up(expr->len, BITS_PER_BYTE));
nftnl_expr_set_u32(nle, NFTNL_EXPR_BYTEORDER_SIZE,
byte_size);
nftnl_expr_set_u32(nle, NFTNL_EXPR_BYTEORDER_OP,
--
2.33.0

10
nftables.spec
View File

@ -1,6 +1,6 @@
Name: nftables
Version: 1.0.0
Release: 8
Release: 9
Epoch: 1
Summary: A subsystem of the Linux kernel processing network data
License: GPLv2
@ -34,6 +34,8 @@ Patch19: backport-evaluate-fix-shift-exponent-underflow-in-concatenation-
Patch20: backport-netlink-Fix-for-potential-NULL-pointer-deref.patch
Patch21: backport-mnl-dump_nf_hooks-leaks-memory-in-error-path.patch
Patch22: backport-netlink_linearize-use-div_round_up-in-byteorder-length.patch
BuildRequires: gcc flex bison libmnl-devel gmp-devel readline-devel libnftnl-devel docbook2X systemd
BuildRequires: iptables-devel jansson-devel python3-devel
BuildRequires: chrpath
@ -132,6 +134,12 @@ echo "%{_libdir}" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf
%{python3_sitelib}/nftables/
%changelog
* Mon Aug 14 2023 zhanghao <zhanghao383@huawei.com> - 1:1.0.0-9
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:netlink_linearize: use div_round_up in byteorder length
* Thu Apr 06 2023 zhanghao <zhanghao383@huawei.com> - 1:1.0.0-8
- Type:bugfix
- CVE:NA