FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2025-02-15 00:58:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/net
History
Liping Zhang 2fa46c1301 netfilter: nft_limit: fix divided by zero panic 
After I input the following nftables rule, a panic happened on my system:
  # nft add rule filter OUTPUT limit rate 0xf00000000 bytes/second

  divide error: 0000 [#1] SMP
  [ ... ]
  RIP: 0010:[<ffffffffa059035e>]  [<ffffffffa059035e>]
  nft_limit_pkt_bytes_eval+0x2e/0xa0 [nft_limit]
  Call Trace:
  [<ffffffffa05721bb>] nft_do_chain+0xfb/0x4e0 [nf_tables]
  [<ffffffffa044f236>] ? nf_nat_setup_info+0x96/0x480 [nf_nat]
  [<ffffffff81753767>] ? ipt_do_table+0x327/0x610
  [<ffffffffa044f677>] ? __nf_nat_alloc_null_binding+0x57/0x80 [nf_nat]
  [<ffffffffa058b21f>] nft_ipv4_output+0xaf/0xd0 [nf_tables_ipv4]
  [<ffffffff816f4aa2>] nf_iterate+0x62/0x80
  [<ffffffff816f4b33>] nf_hook_slow+0x73/0xd0
  [<ffffffff81703d0d>] __ip_local_out+0xcd/0xe0
  [<ffffffff81701d90>] ? ip_forward_options+0x1b0/0x1b0
  [<ffffffff81703d3c>] ip_local_out+0x1c/0x40

This is because divisor is 64-bit, but we treat it as a 32-bit integer,
then 0xf00000000 becomes zero, i.e. divisor becomes 0.

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2016-10-04 08:59:03 +02:00
..
6lowpan
6lowpan: ndisc: no overreact if no short address is available
2016-09-19 20:19:34 +02:00
9p
9p/trans_virtio: use kvfree() for iov_iter_get_pages_alloc()
2016-08-09 13:42:36 +03:00
802
8021q
net: remove type_check from dev_get_nest_level()
2016-08-13 15:15:54 -07:00
appletalk
appletalk: use IS_ENABLED() instead of checking for built-in or module
2016-09-10 21:19:10 -07:00
atm
lec: use IS_ENABLED() instead of checking for built-in or module
2016-09-10 21:19:10 -07:00
ax25
AX.25: Close socket connection on session completion
2016-06-18 20:55:34 -07:00
batman-adv
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-09-23 06:46:57 -04:00
bluetooth
Bluetooth: Fix not updating scan rsp when adv off
2016-09-22 17:48:23 +02:00
bridge
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2016-09-25 23:34:19 +02:00
caif
caif: Remove unneeded header file
2016-06-28 05:26:14 -04:00
can
can: only call can_stat_update with procfs
2016-06-23 11:23:49 +02:00
ceph
libceph: using kfree_rcu() to simplify the code
2016-08-08 21:41:42 +02:00
core
net: do not export sk_stream_write_space
2016-09-28 20:32:38 -04:00
dcb
dccp
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2016-07-29 17:38:46 -07:00
decnet
net: fix decnet rtnexthop parsing
2016-07-05 14:08:47 -07:00
dns_resolver
dsa
net: dsa: add port fast ageing
2016-09-23 08:38:50 -04:00
ethernet
hsr
net/hsr: Use setup_timer and mod_timer.
2016-05-16 14:00:43 -04:00
ieee802154
ieee802154: 6lowpan: fix intra pan id check
2016-07-08 13:23:12 +02:00
ipv4
net: Suppress the "Comparison to NULL could be written" warnings
2016-09-30 01:50:45 -04:00
ipv6
ipv6 addrconf: implement RFC7559 router solicitation backoff
2016-09-30 01:54:28 -04:00
ipx
irda
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-09-23 06:46:57 -04:00
iucv
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
2016-07-29 17:38:46 -07:00
kcm
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-09-12 15:52:44 -07:00
key
l2tp
l2tp: constify net_device_ops structures
2016-09-17 10:07:23 -04:00
l3mdev
net: ipv6: Remove l3mdev_get_saddr6
2016-09-10 23:12:53 -07:00
lapb
net/lapb: tuse %*ph to dump buffers
2016-05-29 22:33:25 -07:00
llc
llc: switch type to bool as the timeout is only tested versus 0
2016-09-17 10:05:05 -04:00
mac80211
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-09-23 06:46:57 -04:00
mac802154
mac802154: use rate limited warnings for malformed frames
2016-09-19 20:19:34 +02:00
mpls
mpls: get rid of trivial returns
2016-09-01 10:13:15 -07:00
ncsi
net/ncsi: avoid maybe-uninitialized warning
2016-07-25 10:32:59 -07:00
netfilter
netfilter: nft_limit: fix divided by zero panic
2016-10-04 08:59:03 +02:00
netlabel
netlabel: Implement CALIPSO config functions for SMACK.
2016-06-27 15:06:18 -04:00
netlink
netlink: don't forget to release a rhashtable_iter structure
2016-09-07 17:29:38 -07:00
netrom
nfc
NFC: digital: Fix RTOX supervisor PDU handling
2016-07-11 02:02:03 +02:00
openvswitch
openvswitch: avoid resetting flow key while installing new flow.
2016-09-20 22:54:35 -04:00
packet
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-07-24 00:53:32 -04:00
phonet
qrtr
Merge tag 'qcom-soc-for-4.7-2' into net-next
2016-05-17 14:11:19 -04:00
rds
RDS: add __printf format attribute to error reporting functions
2016-08-08 16:16:21 -07:00
rfkill
rose
rose: limit sk_filter trim to payload
2016-07-13 11:53:40 -07:00
rxrpc
rxrpc: Note serial number being ACK'd in the congestion management trace
2016-09-29 22:57:47 +01:00
sched
net/sched: cls_flower: Use a proper mask value for enc key id parameter
2016-09-28 03:11:22 -04:00
sctp
net: Suppress the "Comparison to NULL could be written" warnings
2016-09-30 01:50:45 -04:00
strparser
kcm: Remove TCP specific references from kcm and strparser
2016-08-28 23:32:41 -04:00
sunrpc
Fix a memory corruption bug that I introduced in 4.7.
2016-09-16 17:00:26 -07:00
switchdev
switchdev: remove FIB offload infrastructure
2016-09-28 04:48:00 -04:00
tipc
tipc: fix possible memory leak in tipc_udp_enable()
2016-09-13 11:28:32 -04:00
unix
af_unix: split 'u->readlock' into two: 'iolock' and 'bindlock'
2016-09-04 13:29:29 -07:00
vmw_vsock
vhost/vsock: drop space available check for TX vq
2016-08-15 05:05:21 +03:00
wimax
wireless
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-09-23 06:46:57 -04:00
x25
net: x25: remove null checks on arrays calling_ae and called_ae
2016-09-09 18:13:30 -07:00
xfrm
proc: Reduce cache miss in xfrm_statistics_seq_show
2016-09-30 01:50:45 -04:00
compat.c
packet: compat support for sock_fprog
2016-06-09 23:41:03 -07:00
Kconfig
strparser: Stream parser for messages
2016-08-17 19:36:23 -04:00
Makefile
strparser: Stream parser for messages
2016-08-17 19:36:23 -04:00
socket.c
fs: poll/select/recvmmsg: use timespec64 for timeout events
2016-05-19 19:12:14 -07:00
sysctl_net.c
net: make net namespace sysctls belong to container's owner
2016-08-14 21:08:58 -07:00