packages/libnftnl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:83cdb381878fe8d95dd5988b2ab82d80bb5d7fd2
Branches Tags
packages:main
...
compare: packages:0b21af91a169723cab8b341f15461d07103a10de
Branches Tags
packages:main

10 Commits
83cdb38187 ... 0b21af91a1

Author SHA1 Message Date
openeuler-ci-bot
0b21af91a1
!39 set: Do not leave free'd expr_list elements in place 
From: @tong_1001 
Reviewed-by: @hubin95 
Signed-off-by: @hubin95
 2023-09-05 12:32:51 +00:00
shixuantong
b59730ddbc set: Do not leave free'd expr_list elements in place 2023-09-05 20:25:21 +08:00
openeuler-ci-bot
d33dfaaea5
!38 Update package to version 1.2.6 
From: @lingjuer 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
 2023-07-17 07:26:38 +00:00
lingjuer
bc84bc1494 Upfate to version 1.2.6 2023-07-17 14:24:54 +08:00
openeuler-ci-bot
0b983e9bcf
!21 update version to 1.2.5 
From: @tong_1001 
Reviewed-by: @hubin95 
Signed-off-by: @hubin95
 2023-04-01 02:44:21 +00:00
sxt1001
0519dbfa91 update version to 1.2.5 2023-04-01 10:04:02 +08:00
openeuler-ci-bot
a8fd3cec04
!20 update version to 1.2.4 
From: @fly_fzc 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1
 2022-11-21 01:27:03 +00:00
fly_fzc
14a9776622 update version to 1.2.4 2022-11-17 16:12:29 +08:00
openeuler-ci-bot
e9b9921d7e
!17 【轻量级 PR】:rebuild for next release 
From: @markeryang 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1
 2022-10-26 03:37:04 +00:00
Markeryang
bf101070a9
update for mass rebuild and upgrade verification 2022-10-25 09:17:38 +00:00
4 changed files with 101 additions and 3 deletions
Show Stats Expand all files Collapse all files

69
backport-set-Do-not-leave-free-d-expr_list-elements-in-place.patch Normal file
View File

@ -0,0 +1,69 @@
From 2d83a7d4f58fbf6eaa9aeace49c78d91a86a3b28 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 31 May 2023 14:09:09 +0200
Subject: [PATCH] set: Do not leave free'd expr_list elements in place
When freeing elements, remove them also to prevent a potential UAF.
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1685
Fixes: 3469f09286cee ("src: add NFTNL_SET_EXPRESSIONS")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
src/set.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/set.c b/src/set.c
index c46f827..719e596 100644
--- a/src/set.c
+++ b/src/set.c
@@ -54,8 +54,10 @@ void nftnl_set_free(const struct nftnl_set *s)
if (s->flags & (1 << NFTNL_SET_USERDATA))
xfree(s->user.data);
- list_for_each_entry_safe(expr, next, &s->expr_list, head)
+ list_for_each_entry_safe(expr, next, &s->expr_list, head) {
+ list_del(&expr->head);
nftnl_expr_free(expr);
+ }
list_for_each_entry_safe(elem, tmp, &s->element_list, head) {
list_del(&elem->head);
@@ -105,8 +107,10 @@ void nftnl_set_unset(struct nftnl_set *s, uint16_t attr)
break;
case NFTNL_SET_EXPR:
case NFTNL_SET_EXPRESSIONS:
- list_for_each_entry_safe(expr, tmp, &s->expr_list, head)
+ list_for_each_entry_safe(expr, tmp, &s->expr_list, head) {
+ list_del(&expr->head);
nftnl_expr_free(expr);
+ }
break;
default:
return;
@@ -210,8 +214,10 @@ int nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data,
s->user.len = data_len;
break;
case NFTNL_SET_EXPR:
- list_for_each_entry_safe(expr, tmp, &s->expr_list, head)
+ list_for_each_entry_safe(expr, tmp, &s->expr_list, head) {
+ list_del(&expr->head);
nftnl_expr_free(expr);
+ }
expr = (void *)data;
list_add(&expr->head, &s->expr_list);
@@ -742,8 +748,10 @@ int nftnl_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_set *s)
return 0;
out_set_expr:
- list_for_each_entry_safe(expr, next, &s->expr_list, head)
+ list_for_each_entry_safe(expr, next, &s->expr_list, head) {
+ list_del(&expr->head);
nftnl_expr_free(expr);
+ }
return -1;
}
--
2.27.0

BIN
libnftnl-1.2.1.tar.bz2
View File

Binary file not shown.

BIN
libnftnl-1.2.6.tar.xz Normal file
View File

Binary file not shown.

35
libnftnl.spec
View File

@ -1,10 +1,12 @@
Name: libnftnl
Version: 1.2.1
Release: 1
Version: 1.2.6
Release: 2
Summary: Library for low-level interaction with nftables Netlink's API over libmnl
License: GPLv2+
URL: http://netfilter.org/projects/libnftnl/
Source0: http://netfilter.org/projects/libnftnl/files/%{name}-%{version}.tar.bz2
Source0: http://netfilter.org/projects/libnftnl/files/%{name}-%{version}.tar.xz
Patch6000: backport-set-Do-not-leave-free-d-expr_list-elements-in-place.patch
BuildRequires: libmnl-devel jansson-devel gcc
@ -51,6 +53,33 @@ make %{?_smp_mflags} check
%{_includedir}/libnftnl
%changelog
* Tue Sep 05 2023 shixuantong <shixuantong1@huawei.com> - 1.2.6-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:set: Do not leave free'd expr_list elements in place
* Mon Jul 17 2023 zhangchenglin <zhangchenglin@kylinos.cn> - 1.2.6-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update version to 1.2.6
* Sat Apr 01 2023 shixuantong <shixuantong1@huawei.com> - 1.2.5-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update version to 1.2.5
* Thu Nov 17 2022 fuanan <fuanan3@h-partners.com> - 1.2.4-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update version to 1.2.4
* Tue Oct 25 2022 yanglongkang <yanglongkang@h-partners.com> - 1.2.1-2
- rebuild for next release
* Tue Mar 29 2022 panxiaohe <panxh.life@foxmail.com> - 1.2.1-1
- update to 1.2.1