From: Christian Marangi Date: Sun, 12 Nov 2023 13:10:23 +0000 (+0100) Subject: iptables: backport patch fixing bug with string module X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=3d6b89c5140acb9228ec89bde09b53dafdead070;p=openwrt%2Fstaging%2Fxback.git iptables: backport patch fixing bug with string module Backport patch fixing critical bug with string module merged upstream. Fixes: #13812 Signed-off-by: Christian Marangi --- diff --git a/package/network/utils/iptables/Makefile b/package/network/utils/iptables/Makefile index aded1b7b1f..45a2b49070 100644 --- a/package/network/utils/iptables/Makefile +++ b/package/network/utils/iptables/Makefile @@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=iptables PKG_VERSION:=1.8.8 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=https://netfilter.org/projects/iptables/files PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 diff --git a/package/network/utils/iptables/patches/070-extensions-string-Review-parse_string-function.patch b/package/network/utils/iptables/patches/070-extensions-string-Review-parse_string-function.patch new file mode 100644 index 0000000000..cfcb6c77f3 --- /dev/null +++ b/package/network/utils/iptables/patches/070-extensions-string-Review-parse_string-function.patch @@ -0,0 +1,40 @@ +From da5b32fb4656ab69fe1156eb7e36c7c961839e8a Mon Sep 17 00:00:00 2001 +From: Phil Sutter +Date: Wed, 8 Jun 2022 13:45:13 +0200 +Subject: [PATCH] extensions: string: Review parse_string() function + +* Compare against sizeof(info->pattern) which is more clear than having + to know that this buffer is of size XT_STRING_MAX_PATTERN_SIZE + +* Invert the check and error early to reduce indenting + +* Pass info->patlen to memcpy() to avoid reading past end of 's' + +Signed-off-by: Phil Sutter +--- + extensions/libxt_string.c | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +--- a/extensions/libxt_string.c ++++ b/extensions/libxt_string.c +@@ -78,14 +78,13 @@ static void string_init(struct xt_entry_ + + static void + parse_string(const char *s, struct xt_string_info *info) +-{ ++{ + /* xt_string does not need \0 at the end of the pattern */ +- if (strlen(s) <= XT_STRING_MAX_PATTERN_SIZE) { +- memcpy(info->pattern, s, XT_STRING_MAX_PATTERN_SIZE); +- info->patlen = strnlen(s, XT_STRING_MAX_PATTERN_SIZE); +- return; +- } +- xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s); ++ if (strlen(s) > sizeof(info->pattern)) ++ xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s); ++ ++ info->patlen = strnlen(s, sizeof(info->pattern)); ++ memcpy(info->pattern, s, info->patlen); + } + + static void