| author | Willem de Bruijn <willemb@google.com> | 2017-01-02 17:19:41 -0500 |
|---|---|---|
| committer | Hridya Valsaraju <hridya@google.com> | 2020-07-23 14:45:59 +0000 |
| commit | 7c4fe724c11e23835feea86f4978d2c85e634e0f (patch) | |
| tree | 2a7c13cb40c88a7365af432fe09117533d425f3c | |
| parent | cd32331e4f01a5c34cf606e12232031e903040e1 (diff) | |
UPSTREAM: iptables: use match, target and data copy_to_user helpers
Convert iptables to copying entries, matches and targets one by one,
using the xt_match_to_user and xt_target_to_user helper functions.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Hridya Valsaraju <hridya@google.com>
Bug: 120612905
Change-Id: I627f408b9bbcae7c8ff203452d6c2a9794388dc4
(cherry picked from commit f77bc5b23fb1af51fc0faa8a479dea8969eb5079)
Signed-off-by: Hridya Valsaraju <hridya@google.com>
| -rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 21 |
1 files changed, 6 insertions, 15 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 53d664a7774c..f23e87578e43 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -964,10 +964,6 @@ copy_entries_to_user(unsigned int total_size, return PTR_ERR(counters); loc_cpu_entry = private->entries; - if (copy_to_user(userptr, loc_cpu_entry, total_size) != 0) { - ret = -EFAULT; - goto free_counters; - } /* FIXME: use iterator macros --RR */ /* ... then go back and fix counters and names */ @@ -977,6 +973,10 @@ copy_entries_to_user(unsigned int total_size, const struct xt_entry_target *t; e = (struct ipt_entry *)(loc_cpu_entry + off); + if (copy_to_user(userptr + off, e, sizeof(*e))) { + ret = -EFAULT; + goto free_counters; + } if (copy_to_user(userptr + off + offsetof(struct ipt_entry, counters), &counters[num], @@ -990,23 +990,14 @@ copy_entries_to_user(unsigned int total_size, i += m->u.match_size) { m = (void *)e + i; - if (copy_to_user(userptr + off + i - + offsetof(struct xt_entry_match, - u.user.name), - m->u.kernel.match->name, - strlen(m->u.kernel.match->name)+1) - != 0) { + if (xt_match_to_user(m, userptr + off + i)) { ret = -EFAULT; goto free_counters; } } t = ipt_get_target_c(e); - if (copy_to_user(userptr + off + e->target_offset - + offsetof(struct xt_entry_target, - u.user.name), - t->u.kernel.target->name, - strlen(t->u.kernel.target->name)+1) != 0) { + if (xt_target_to_user(t, userptr + off + e->target_offset)) { ret = -EFAULT; goto free_counters; } |
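Review bot: In the first hunk (@@ -964), the context comment "/* ... then go back and fix counters and names */" stays in place although the bulk copy_to_user() of total_size it refers to is removed, so there is no longer an earlier copy to go back to. Suggest rewording or dropping that comment so it describes the per-entry copy loop that follows.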
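Review bot: In the second hunk (@@ -977), the added copy_to_user(userptr + off, e, sizeof(*e)) writes the whole struct ipt_entry, including its counters field, and the existing copy at offsetof(struct ipt_entry, counters) then overwrites that field from counters[num]. The result depends on that order, so a one-line comment saying the header copy must come first would guard against a later reordering. Note also that sizeof(*e) covers only the entry header, so every byte of the matches and the target now reaches the user buffer only through the helper calls in the next hunk.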
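Review bot: In the third hunk (@@ -990), both "if (xt_match_to_user(m, userptr + off + i))" and "if (xt_target_to_user(t, userptr + off + e->target_offset))" discard the helper's return value and set ret = -EFAULT unconditionally. The helpers' return convention is not visible in this diff; if they return a negative errno, assign the result to ret and test that instead, so a different failure is not reported as -EFAULT.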
