netfilter: x_tables: limit allocation requests for blob rule heads

This is a very conservative limit (134217728 rules), but good enough to not trigger frequent oom from syzkaller. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2018-02-27 19:42:32 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2018-03-05 23:15:43 +0100
commit: 9d5c12a7c08f67999772065afd50fb222072114e (patch)
tree: 3fc6bbb9e424e03b5586b585a7e1387e5ba80adf /net/netfilter/x_tables.c
parent: 19926968ea86a286aa6fbea16ee3f2e7442f10f0 (diff)
download: linux-9d5c12a7c08f67999772065afd50fb222072114e.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index dc68ac49614a9..01f8e122e74ee 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -894,6 +894,9 @@ EXPORT_SYMBOL(xt_check_entry_offsets);
  */
 unsigned int *xt_alloc_entry_offsets(unsigned int size)
 {
+	if (size > XT_MAX_TABLE_SIZE / sizeof(unsigned int))
+		return NULL;
+
 	return kvmalloc_array(size, sizeof(unsigned int), GFP_KERNEL | __GFP_ZERO);
 
 }
author	Florian Westphal <fw@strlen.de>	2018-02-27 19:42:32 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-03-05 23:15:43 +0100
commit	9d5c12a7c08f67999772065afd50fb222072114e (patch)
tree	3fc6bbb9e424e03b5586b585a7e1387e5ba80adf /net/netfilter/x_tables.c
parent	19926968ea86a286aa6fbea16ee3f2e7442f10f0 (diff)
download	linux-9d5c12a7c08f67999772065afd50fb222072114e.tar.gz