mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-20 11:34:57 +02:00
psd: add basic validation of userspace matchinfo data
psd multiplies weight_thresh by HZ, so it could overflow. Userspace libxt_psd refuses values exceeding PSD_MAX_RATE, so check that on kernel side, too. Also, setting 0 weight for both privileged and highports will cause psd to never match at all. Reject 0 weight threshold, too because it makes no sense (triggers match for every initial packet).
This commit is contained in:
Florian Westphal
committed by
Jan Engelhardt
Jan Engelhardt
parent
ac58f2e94b
commit
f6b8767228
@@ -3,6 +3,8 @@ HEAD
|
||||
====
|
||||
Fixes:
|
||||
- xt_psd: avoid crash due to curr->next corruption
|
||||
Changes:
|
||||
- xt_psd: reject invalid match options
|
||||
|
||||
|
||||
v1.42 (2012-04-05)
|
||||
|
||||
Reference in New Issue
Block a user