linux/net/netfilter
Patrick McHardy 3d91c1a848 IPVS: fix potential stack overflow with overly long protocol names
When protocols use very long names, the sprintf calls might overflow
the on-stack buffer. No protocol in the kernel does this however.

Print the protocol name in the pr_debug statement directly to avoid
this.

Based on patch by Zhitong Wang <zhitong.wangzt@alibaba-inc.com>
Acked-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-04-08 13:35:47 +02:00
..
ipvs IPVS: fix potential stack overflow with overly long protocol names 2010-04-08 13:35:47 +02:00
core.c
Kconfig netfilter: xtables: resort osf kconfig text 2010-03-18 14:20:06 +01:00
Makefile netfilter: xtables: merge xt_CONNMARK into xt_connmark 2010-03-17 15:48:36 +01:00
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_core.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_conntrack_ecache.c
nf_conntrack_expect.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_conntrack_extend.c netfilter: don't use INIT_RCU_HEAD() 2010-02-12 06:25:36 +01:00
nf_conntrack_ftp.c netfilter: nf_ct_ftp: fix out of bounds read in update_nl_seq() 2010-01-07 18:33:18 +01:00
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c Merge branch 'master' of /repos/git/net-next-2.6 2010-02-10 14:17:10 +01:00
nf_conntrack_irc.c
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c netfilter: ctnetlink: compute message size properly 2010-04-01 12:39:19 +02:00
nf_conntrack_pptp.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_conntrack_proto_dccp.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c netfilter: nf_conntrack: split up IPCT_STATUS event 2010-02-03 13:48:53 +01:00
nf_conntrack_proto_sctp.c netfilter: nf_conntrack: split up IPCT_STATUS event 2010-02-03 13:48:53 +01:00
nf_conntrack_proto_tcp.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto_udp.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto_udplite.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto.c
nf_conntrack_sane.c
nf_conntrack_sip.c Merge branch 'for-next' into for-linus 2010-03-08 16:55:37 +01:00
nf_conntrack_standalone.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_conntrack_tftp.c
nf_internals.h
nf_log.c
nf_queue.c netfilter: nf_queue: fix NF_STOLEN skb leak 2010-02-19 15:28:38 +01:00
nf_sockopt.c
nf_tproxy_core.c
nfnetlink_log.c netfilter: nfnetlink_log: fix silly refcount leak 2010-02-26 17:48:40 +01:00
nfnetlink_queue.c netfilter: don't use INIT_RCU_HEAD() 2010-02-12 06:25:36 +01:00
nfnetlink.c netfilter: remove unused headers in net/netfilter/nfnetlink.c 2010-03-17 16:28:25 +01:00
x_tables.c netfilter: xtables: change targets to return error code 2010-03-25 16:55:49 +01:00
xt_CLASSIFY.c
xt_cluster.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_comment.c
xt_connbytes.c netfilter: xtables: shorten up return clause 2010-03-25 16:56:09 +01:00
xt_connlimit.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_connmark.c netfilter: xtables: shorten up return clause 2010-03-25 16:56:09 +01:00
xt_CONNSECMARK.c netfilter: xtables: shorten up return clause 2010-03-25 16:56:09 +01:00
xt_conntrack.c netfilter: xtables: shorten up return clause 2010-03-25 16:56:09 +01:00
xt_CT.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_dccp.c netfilter: xtables: change matches to return error code 2010-03-25 16:55:24 +01:00
xt_dscp.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_DSCP.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_esp.c netfilter: xtables: change matches to return error code 2010-03-25 16:55:24 +01:00
xt_hashlimit.c netfilter: xt_hashlimit: RCU conversion 2010-04-01 14:35:56 +02:00
xt_helper.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_hl.c netfilter: xt extensions: use pr_<level> 2010-03-18 14:20:07 +01:00
xt_HL.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_iprange.c netfilter: xt extensions: use pr_<level> (2) 2010-03-25 15:00:04 +01:00
xt_LED.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_length.c
xt_limit.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_mac.c netfilter: xtables: limit xt_mac to ethernet devices 2010-03-18 14:20:06 +01:00
xt_mark.c netfilter: xtables: merge xt_MARK into xt_mark 2010-03-17 15:48:36 +01:00
xt_multiport.c netfilter: xtables: remove xt_multiport revision 0 2010-03-25 17:04:57 +01:00
xt_NFLOG.c netfilter: xtables: change targets to return error code 2010-03-25 16:55:49 +01:00
xt_NFQUEUE.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_NOTRACK.c
xt_osf.c netfilter: xt extensions: use pr_<level> 2010-03-18 14:20:07 +01:00
xt_owner.c
xt_physdev.c netfilter: xtables: change matches to return error code 2010-03-25 16:55:24 +01:00
xt_pkttype.c
xt_policy.c netfilter: xtables: change matches to return error code 2010-03-25 16:55:24 +01:00
xt_quota.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_rateest.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_RATEEST.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_realm.c
xt_recent.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_repldata.h netfilter: xtables: generate initial table on-demand 2010-02-10 17:50:47 +01:00
xt_sctp.c netfilter: xtables: change matches to return error code 2010-03-25 16:55:24 +01:00
xt_SECMARK.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_socket.c netfilter: xt extensions: use pr_<level> (2) 2010-03-25 15:00:04 +01:00
xt_state.c netfilter: xtables: merge registration structure to NFPROTO_UNSPEC 2010-03-25 17:05:10 +01:00
xt_statistic.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_string.c netfilter: xtables: remove xt_string revision 0 2010-03-25 17:04:57 +01:00
xt_tcpmss.c
xt_TCPMSS.c netfilter: xtables: change targets to return error code 2010-03-25 16:55:49 +01:00
xt_TCPOPTSTRIP.c netfilter: update my email address 2010-03-17 15:53:10 +01:00
xt_tcpudp.c netfilter: xtables: change matches to return error code 2010-03-25 16:55:24 +01:00
xt_time.c netfilter: xtables: slightly better error reporting 2010-03-25 16:56:09 +01:00
xt_TPROXY.c netfilter: xtables: change targets to return error code 2010-03-25 16:55:49 +01:00
xt_TRACE.c
xt_u32.c netfilter: update my email address 2010-03-17 15:53:10 +01:00