mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-19 13:48:06 +00:00
iptables: patch CVE-2019-11360 (security fix)
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
This commit is contained in:
parent
5e3b21c916
commit
564d81e944
@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
|
||||
|
||||
PKG_NAME:=iptables
|
||||
PKG_VERSION:=1.6.2
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://git.netfilter.org/iptables
|
||||
|
@ -0,0 +1,13 @@
|
||||
--- a/iptables/iptables-restore.c
|
||||
+++ b/iptables/iptables-restore.c
|
||||
@@ -129,6 +129,10 @@ static void add_param_to_argv(char *pars
|
||||
* longer a real hacker, but I can live with that */
|
||||
|
||||
for (curchar = parsestart; *curchar; curchar++) {
|
||||
+ if (param_len >= sizeof(param_buffer))
|
||||
+ xtables_error(PARAMETER_PROBLEM,
|
||||
+ "Parameter too long!");
|
||||
+
|
||||
if (quote_open) {
|
||||
if (escaped) {
|
||||
param_buffer[param_len++] = *curchar;
|
Loading…
Reference in New Issue
Block a user