]> err.no Git - linux-2.6/commit
[NETFILTER]: nf_conntrack_tcp: catch invalid state updates over ctnetlink
authorPatrick McHardy <kaber@trash.net>
Mon, 14 Apr 2008 09:15:52 +0000 (11:15 +0200)
committerPatrick McHardy <kaber@trash.net>
Mon, 14 Apr 2008 09:15:52 +0000 (11:15 +0200)
commit5f7da4d26d421f3bdf10c3bbdb86ffc3a12a84f2
tree67c6cbeaa4005d5410d2f9dd02b9802b6ddf8beb
parentdd13b010368f85dfa59364ba87bfe8ae930b2832
[NETFILTER]: nf_conntrack_tcp: catch invalid state updates over ctnetlink

Invalid states can cause out-of-bound memory accesses of the state table.
Also don't insist on having a new state contained in the netlink message.

Signed-off-by: Patrick McHardy <kaber@trash.net>
net/netfilter/nf_conntrack_proto_tcp.c