Commit 5cb30640 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: Use correct type for "ports" module parameter

With large port numbers the helper_names buffer can overflow.
Noticed by Samir Bellabes <sbellabes@mandriva.com>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent f3591fff
...@@ -29,9 +29,9 @@ static char *ftp_buffer; ...@@ -29,9 +29,9 @@ static char *ftp_buffer;
static DEFINE_SPINLOCK(ip_ftp_lock); static DEFINE_SPINLOCK(ip_ftp_lock);
#define MAX_PORTS 8 #define MAX_PORTS 8
static int ports[MAX_PORTS]; static short ports[MAX_PORTS];
static int ports_c; static int ports_c;
module_param_array(ports, int, &ports_c, 0400); module_param_array(ports, short, &ports_c, 0400);
static int loose; static int loose;
module_param(loose, int, 0600); module_param(loose, int, 0600);
...@@ -450,7 +450,7 @@ out_update_nl: ...@@ -450,7 +450,7 @@ out_update_nl:
} }
static struct ip_conntrack_helper ftp[MAX_PORTS]; static struct ip_conntrack_helper ftp[MAX_PORTS];
static char ftp_names[MAX_PORTS][10]; static char ftp_names[MAX_PORTS][sizeof("ftp-65535")];
/* Not __exit: called from init() */ /* Not __exit: called from init() */
static void fini(void) static void fini(void)
......
...@@ -34,7 +34,7 @@ ...@@ -34,7 +34,7 @@
#include <linux/moduleparam.h> #include <linux/moduleparam.h>
#define MAX_PORTS 8 #define MAX_PORTS 8
static int ports[MAX_PORTS]; static short ports[MAX_PORTS];
static int ports_c; static int ports_c;
static int max_dcc_channels = 8; static int max_dcc_channels = 8;
static unsigned int dcc_timeout = 300; static unsigned int dcc_timeout = 300;
...@@ -52,7 +52,7 @@ EXPORT_SYMBOL_GPL(ip_nat_irc_hook); ...@@ -52,7 +52,7 @@ EXPORT_SYMBOL_GPL(ip_nat_irc_hook);
MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
MODULE_DESCRIPTION("IRC (DCC) connection tracking helper"); MODULE_DESCRIPTION("IRC (DCC) connection tracking helper");
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
module_param_array(ports, int, &ports_c, 0400); module_param_array(ports, short, &ports_c, 0400);
MODULE_PARM_DESC(ports, "port numbers of IRC servers"); MODULE_PARM_DESC(ports, "port numbers of IRC servers");
module_param(max_dcc_channels, int, 0400); module_param(max_dcc_channels, int, 0400);
MODULE_PARM_DESC(max_dcc_channels, "max number of expected DCC channels per IRC session"); MODULE_PARM_DESC(max_dcc_channels, "max number of expected DCC channels per IRC session");
...@@ -240,7 +240,7 @@ static int help(struct sk_buff **pskb, ...@@ -240,7 +240,7 @@ static int help(struct sk_buff **pskb,
} }
static struct ip_conntrack_helper irc_helpers[MAX_PORTS]; static struct ip_conntrack_helper irc_helpers[MAX_PORTS];
static char irc_names[MAX_PORTS][10]; static char irc_names[MAX_PORTS][sizeof("irc-65535")];
static void fini(void); static void fini(void);
......
...@@ -26,9 +26,9 @@ MODULE_DESCRIPTION("tftp connection tracking helper"); ...@@ -26,9 +26,9 @@ MODULE_DESCRIPTION("tftp connection tracking helper");
MODULE_LICENSE("GPL"); MODULE_LICENSE("GPL");
#define MAX_PORTS 8 #define MAX_PORTS 8
static int ports[MAX_PORTS]; static short ports[MAX_PORTS];
static int ports_c; static int ports_c;
module_param_array(ports, int, &ports_c, 0400); module_param_array(ports, short, &ports_c, 0400);
MODULE_PARM_DESC(ports, "port numbers of tftp servers"); MODULE_PARM_DESC(ports, "port numbers of tftp servers");
#if 0 #if 0
...@@ -100,7 +100,7 @@ static int tftp_help(struct sk_buff **pskb, ...@@ -100,7 +100,7 @@ static int tftp_help(struct sk_buff **pskb,
} }
static struct ip_conntrack_helper tftp[MAX_PORTS]; static struct ip_conntrack_helper tftp[MAX_PORTS];
static char tftp_names[MAX_PORTS][10]; static char tftp_names[MAX_PORTS][sizeof("tftp-65535")];
static void fini(void) static void fini(void)
{ {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment