16 Jul, 2019
1 commit
-
In 9fb9cbb1082d ("[NETFILTER]: Add nf_conntrack subsystem.") the new
generic nf_conntrack was introduced, and it came to supersede the old
ip_conntrack.This change updates (some) of the obsolete comments referring to old
file/function names of the ip_conntrack mechanism, as well as removes a
few self-referencing comments that we shouldn't maintain anymore.I did not update any comments referring to historical actions (e.g,
comments like "this file was derived from ..." were left untouched, even
if the referenced file is no longer here).Signed-off-by: Yonatan Goldschmidt
Signed-off-by: Pablo Neira Ayuso
19 Jun, 2019
1 commit
-
Based on 2 normalized pattern(s):
this source code is licensed under the gnu general public license
version 2 see the file copying for more detailsthis source code is licensed under general public license version 2
seeextracted by the scancode license scanner the SPDX license identifier
GPL-2.0-only
has been chosen to replace the boilerplate/reference in 52 file(s).
Signed-off-by: Thomas Gleixner
Reviewed-by: Enrico Weigelt
Reviewed-by: Allison Randal
Reviewed-by: Alexios Zavras
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190602204653.449021192@linutronix.de
Signed-off-by: Greg Kroah-Hartman
06 May, 2019
1 commit
-
Since commit bc7d811ace4a ("netfilter: nf_ct_h323: Convert
CHECK_BOUND macro to function"), NAT traversal for H.323
doesn't work, failing to parse H323-UserInformation.
nf_h323_error_boundary() compares contents of the bitstring,
not the addresses, preventing valid H.323 packets from being
conntrack'd.This looks like an oversight from when CHECK_BOUND macro was
converted to a function.To fix it, stop dereferencing bs->cur and bs->end.
Fixes: bc7d811ace4a ("netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function")
Signed-off-by: Jakub Jankowski
Signed-off-by: Pablo Neira Ayuso
09 Jan, 2018
2 commits
-
Change old multi-line comment style to kernel comment style and
remove unwanted comments.Signed-off-by: Varsha Rao
Signed-off-by: Pablo Neira Ayuso -
In preparation to enabling -Wimplicit-fallthrough, mark switch cases
where we are expecting to fall through.Signed-off-by: Gustavo A. R. Silva
Signed-off-by: Simon Horman
Signed-off-by: Pablo Neira Ayuso
20 Nov, 2017
2 commits
-
This patch fixes several out of bounds memory reads by extending
the nf_h323_error_boundary() function to work on bits as well
an check the affected parts.Signed-off-by: Eric Sesterhenn
Signed-off-by: Pablo Neira Ayuso -
It is bad practive to return in a macro, this patch
moves the check into a function.Signed-off-by: Eric Sesterhenn
Signed-off-by: Pablo Neira Ayuso
25 Oct, 2017
2 commits
-
Add missing counter decrement to prevent out of bounds memory read.
Signed-off-by: Eric Sesterhenn
Acked-by: Florian Westphal
Signed-off-by: Pablo Neira Ayuso -
Remove typedef from struct as linux-kernel coding style tends to
avoid using typedefs.
Done using following coccinelle semantic patch@r1@
type T;
@@typedef struct { ... } T;
@script:python c1@
T2;
T << r1.T;
@@
if T[-2:] =="_t" or T[-2:] == "_T":
coccinelle.T2 = T[:-2];
else:
coccinelle.T2 = T;print T, coccinelle.T2
@r2@
type r1.T;
identifier c1.T2;
@@
-typedef
struct
+ T2
{ ... }
-T
;@r3@
type r1.T;
identifier c1.T2;
@@
-T
+struct T2Signed-off-by: Harsha Sharma
Signed-off-by: Pablo Neira Ayuso
11 Jul, 2016
1 commit
-
This patch corrects an off-by-one error in the DecodeQ931 function in
the nf_conntrack_h323 module. This error could result in reading off
the end of a Q.931 frame.Signed-off-by: Toby DiPasquale
Signed-off-by: Pablo Neira Ayuso
04 Apr, 2011
1 commit
-
Static analyzer of clang found a dead store which appears to be a bug in
reading count of items in SEQOF field, only the lower byte of word is
stored. This may lead to corrupted read and communication shutdown.The bug has been in the module since it's first inclusion into linux
kernel.[Patrick: the bug is real, but without practical consequence since the
largest amount of sequence-of members we parse is 30.]Signed-off-by: David Sterba
Signed-off-by: Patrick McHardy
01 Feb, 2008
3 commits
-
Constify data tables (predominantly in nf_conntrack_h323_types.c, but
also a few in nf_conntrack_h323_asn1.c) and use const qualifiers on
variables where possible in the h323 sources.Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
-total: 81 errors, 3 warnings, 876 lines checked
+total: 44 errors, 3 warnings, 876 lines checkedThere is still work to be done, but that's for another patch.
Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Sparse complains when a function is not really static. Putting static
on the function prototype is not enough.Signed-off-by: Stephen Hemminger
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
29 Jan, 2008
1 commit
-
Parenthesize macro parameters.
Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
11 Jul, 2007
1 commit
-
Check range before checking STOP flag. This optimization may save a
nanosecond or less :)Signed-off-by: Jing Min Zhao
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
06 Jul, 2007
1 commit
-
Choices' index values may be out of range while still encoded in the fixed
length bit-field. This bug may cause access to undefined types (NULL
pointers) and thus crashes (Reported by Zhongling Wen).This patch also adds checking of decode flag when decoding SEQUENCEs.
Signed-off-by: Jing Min Zhao
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
03 Dec, 2006
1 commit
-
Add IPv4 and IPv6 capable nf_conntrack port of the H.323 conntrack/NAT helper.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller