Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

author: David S. Miller <davem@davemloft.net> 2018-02-24 00:04:20 -0500
committer: David S. Miller <davem@davemloft.net> 2018-02-24 00:04:20 -0500
commit: f74290fdb363665538743d14c4f00aeacdb68d87 (patch)
tree: a5c8f6332f06550e935d1e557ac927302f7f63c4 /net/ipv4/netfilter/ip_tables.c
parent: 1b71af6053af1bd2f849e9fda4f71c1e3f145dcf (diff)
parent: 9cb9c07d6b0c5fd97d83b8ab14d7e308ba4b612f (diff)
download: linux-f74290fdb363665538743d14c4f00aeacdb68d87.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 39a7cf9160e60..d4f7584d2dbec 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -330,8 +330,13 @@ ipt_do_table(struct sk_buff *skb,
 				continue;
 			}
 			if (table_base + v != ipt_next_entry(e) &&
-			    !(e->ip.flags & IPT_F_GOTO))
+			    !(e->ip.flags & IPT_F_GOTO)) {
+				if (unlikely(stackidx >= private->stacksize)) {
+					verdict = NF_DROP;
+					break;
+				}
 				jumpstack[stackidx++] = e;
+			}
 
 			e = get_entry(table_base, v);
 			continue;
author	David S. Miller <davem@davemloft.net>	2018-02-24 00:04:20 -0500
committer	David S. Miller <davem@davemloft.net>	2018-02-24 00:04:20 -0500
commit	f74290fdb363665538743d14c4f00aeacdb68d87 (patch)
tree	a5c8f6332f06550e935d1e557ac927302f7f63c4 /net/ipv4/netfilter/ip_tables.c
parent	1b71af6053af1bd2f849e9fda4f71c1e3f145dcf (diff)
parent	9cb9c07d6b0c5fd97d83b8ab14d7e308ba4b612f (diff)
download	linux-f74290fdb363665538743d14c4f00aeacdb68d87.tar.gz