releases/4.14.183/netfilter-nfnetlink_cthelper-unbreak-userspace-helper-support.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From 703acd70f2496537457186211c2f03e792409e68 Mon Sep 17 00:00:00 2001
 From: Pablo Neira Ayuso <pablo@netfilter.org>
 Date: Sun, 24 May 2020 21:04:42 +0200
 Subject: netfilter: nfnetlink_cthelper: unbreak userspace helper support

 From: Pablo Neira Ayuso <pablo@netfilter.org>

 commit 703acd70f2496537457186211c2f03e792409e68 upstream.

 Restore helper data size initialization and fix memcopy of the helper
 data size.

 Fixes: 157ffffeb5dc ("netfilter: nfnetlink_cthelper: reject too large userspace allocation requests")
 Reviewed-by: Florian Westphal <fw@strlen.de>
 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

 ---
  net/netfilter/nfnetlink_cthelper.c |    3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

 --- a/net/netfilter/nfnetlink_cthelper.c
 +++ b/net/netfilter/nfnetlink_cthelper.c
 @@ -106,7 +106,7 @@ nfnl_cthelper_from_nlattr(struct nlattr
  	if (help->helper->data_len == 0)
  		return -EINVAL;

 -	nla_memcpy(help->data, nla_data(attr), sizeof(help->data));
 +	nla_memcpy(help->data, attr, sizeof(help->data));
  	return 0;
  }

 @@ -240,6 +240,7 @@ nfnl_cthelper_create(const struct nlattr
  		ret = -ENOMEM;
  		goto err2;
  	}
 +	helper->data_len = size;

  	helper->flags |= NF_CT_HELPER_F_USERSPACE;
  	memcpy(&helper->tuple, tuple, sizeof(struct nf_conntrack_tuple));
	From 703acd70f2496537457186211c2f03e792409e68 Mon Sep 17 00:00:00 2001
	From: Pablo Neira Ayuso <pablo@netfilter.org>
	Date: Sun, 24 May 2020 21:04:42 +0200
	Subject: netfilter: nfnetlink_cthelper: unbreak userspace helper support

	From: Pablo Neira Ayuso <pablo@netfilter.org>

	commit 703acd70f2496537457186211c2f03e792409e68 upstream.

	Restore helper data size initialization and fix memcopy of the helper
	data size.

	Fixes: 157ffffeb5dc ("netfilter: nfnetlink_cthelper: reject too large userspace allocation requests")
	Reviewed-by: Florian Westphal <fw@strlen.de>
	Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

	---
	net/netfilter/nfnetlink_cthelper.c \| 3 ++-
	1 file changed, 2 insertions(+), 1 deletion(-)

	--- a/net/netfilter/nfnetlink_cthelper.c
	+++ b/net/netfilter/nfnetlink_cthelper.c
	@@ -106,7 +106,7 @@ nfnl_cthelper_from_nlattr(struct nlattr
	if (help->helper->data_len == 0)
	return -EINVAL;

	- nla_memcpy(help->data, nla_data(attr), sizeof(help->data));
	+ nla_memcpy(help->data, attr, sizeof(help->data));
	return 0;
	}

	@@ -240,6 +240,7 @@ nfnl_cthelper_create(const struct nlattr
	ret = -ENOMEM;
	goto err2;
	}
	+ helper->data_len = size;

	helper->flags \|= NF_CT_HELPER_F_USERSPACE;
	memcpy(&helper->tuple, tuple, sizeof(struct nf_conntrack_tuple));