projects
/
platform
/
kernel
/
linux-starfive.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
netfilter: nf_tables: limit allowed range via nla_policy
[platform/kernel/linux-starfive.git]
/
net
/
netfilter
/
nft_ct.c
diff --git
a/net/netfilter/nft_ct.c
b/net/netfilter/nft_ct.c
index
b9c8449
..
38958e0
100644
(file)
--- a/
net/netfilter/nft_ct.c
+++ b/
net/netfilter/nft_ct.c
@@
-332,7
+332,7
@@
static void nft_ct_set_eval(const struct nft_expr *expr,
static const struct nla_policy nft_ct_policy[NFTA_CT_MAX + 1] = {
[NFTA_CT_DREG] = { .type = NLA_U32 },
static const struct nla_policy nft_ct_policy[NFTA_CT_MAX + 1] = {
[NFTA_CT_DREG] = { .type = NLA_U32 },
- [NFTA_CT_KEY] =
{ .type = NLA_U32 }
,
+ [NFTA_CT_KEY] =
NLA_POLICY_MAX(NLA_BE32, 255)
,
[NFTA_CT_DIRECTION] = { .type = NLA_U8 },
[NFTA_CT_SREG] = { .type = NLA_U32 },
};
[NFTA_CT_DIRECTION] = { .type = NLA_U8 },
[NFTA_CT_SREG] = { .type = NLA_U32 },
};