projects
/
platform
/
kernel
/
linux-starfive.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
netfilter: nf_tables: limit allowed range via nla_policy
[platform/kernel/linux-starfive.git]
/
net
/
netfilter
/
nft_hash.c
diff --git
a/net/netfilter/nft_hash.c
b/net/netfilter/nft_hash.c
index
ee8d487
..
92d47e4
100644
(file)
--- a/
net/netfilter/nft_hash.c
+++ b/
net/netfilter/nft_hash.c
@@
-59,7
+59,7
@@
static void nft_symhash_eval(const struct nft_expr *expr,
static const struct nla_policy nft_hash_policy[NFTA_HASH_MAX + 1] = {
[NFTA_HASH_SREG] = { .type = NLA_U32 },
[NFTA_HASH_DREG] = { .type = NLA_U32 },
static const struct nla_policy nft_hash_policy[NFTA_HASH_MAX + 1] = {
[NFTA_HASH_SREG] = { .type = NLA_U32 },
[NFTA_HASH_DREG] = { .type = NLA_U32 },
- [NFTA_HASH_LEN] =
{ .type = NLA_U32 }
,
+ [NFTA_HASH_LEN] =
NLA_POLICY_MAX(NLA_BE32, 255)
,
[NFTA_HASH_MODULUS] = { .type = NLA_U32 },
[NFTA_HASH_SEED] = { .type = NLA_U32 },
[NFTA_HASH_OFFSET] = { .type = NLA_U32 },
[NFTA_HASH_MODULUS] = { .type = NLA_U32 },
[NFTA_HASH_SEED] = { .type = NLA_U32 },
[NFTA_HASH_OFFSET] = { .type = NLA_U32 },