mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 13:55:32 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/ipv4/netfilter
History
Patrick McHardy 544473c166 [NETFILTER]: {ip,ip6,arp}_tables: return EAGAIN for invalid SO_GET_ENTRIES size 
Rule dumping is performed in two steps: first userspace gets the
ruleset size using getsockopt(SO_GET_INFO) and allocates memory,
then it calls getsockopt(SO_GET_ENTRIES) to actually dump the
ruleset. When another process changes the ruleset in between the
sizes from the first getsockopt call doesn't match anymore and
the kernel aborts. Unfortunately it returns EAGAIN, as for multiple
other possible errors, so userspace can't distinguish this case
from real errors.

Return EAGAIN so userspace can retry the operation.

Fixes (with current iptables SVN version) netfilter bugzilla #104.

Signed-off-by: Patrick McHardy <kaber@trash.net>
2008-04-14 11:15:45 +02:00
..
arp_tables.c [NETFILTER]: {ip,ip6,arp}_tables: return EAGAIN for invalid SO_GET_ENTRIES size 2008-04-14 11:15:45 +02:00
arpt_mangle.c [NETFILTER]: remove arpt_(un)register_target indirection macros 2008-04-14 11:15:44 +02:00
arptable_filter.c [NETFILTER]: Explicitly initialize .priority in arptable_filter 2008-04-14 11:15:44 +02:00
ip_queue.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-03-27 18:48:56 -07:00
ip_tables.c [NETFILTER]: {ip,ip6,arp}_tables: return EAGAIN for invalid SO_GET_ENTRIES size 2008-04-14 11:15:45 +02:00
ipt_addrtype.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_ah.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_CLUSTERIP.c [NETFILTER]: annotate xtables targets with const and remove casts 2008-04-14 09:56:05 +02:00
ipt_ecn.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_ECN.c [NETFILTER]: annotate xtables targets with const and remove casts 2008-04-14 09:56:05 +02:00
ipt_LOG.c [NETFILTER]: annotate xtables targets with const and remove casts 2008-04-14 09:56:05 +02:00
ipt_MASQUERADE.c [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
ipt_NETMAP.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_recent.c [NETFILTER]: annotate xtables targets with const and remove casts 2008-04-14 09:56:05 +02:00
ipt_REDIRECT.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_REJECT.c [NETFILTER]: annotate xtables targets with const and remove casts 2008-04-14 09:56:05 +02:00
ipt_TTL.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_ttl.c [NETFILTER]: Update modules' descriptions 2008-01-28 15:02:26 -08:00
ipt_ULOG.c [NETNS]: Consolidate kernel netlink socket destruction. 2008-01-28 15:08:07 -08:00
iptable_filter.c [NETFILTER]: Use non-deprecated __RW_LOCK_UNLOCKED macro 2008-04-14 09:56:03 +02:00
iptable_mangle.c [NETFILTER]: Use non-deprecated __RW_LOCK_UNLOCKED macro 2008-04-14 09:56:03 +02:00
iptable_raw.c [NETFILTER]: Use non-deprecated __RW_LOCK_UNLOCKED macro 2008-04-14 09:56:03 +02:00
Kconfig [NETFILTER]: Rename ipt_iprange to xt_iprange 2008-01-28 15:02:27 -08:00
Makefile [NETFILTER]: Rename ipt_iprange to xt_iprange 2008-01-28 15:02:27 -08:00
nf_conntrack_l3proto_ipv4.c [NETFILTER]: nf_conntrack: annotate l3protos with const 2008-01-31 19:28:13 -08:00
nf_conntrack_l3proto_ipv4_compat.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-03-27 18:48:56 -07:00
nf_conntrack_proto_icmp.c [NETFILTER]: nf_{conntrack,nat}_icmp: constify and annotate 2008-01-31 19:28:12 -08:00
nf_nat_amanda.c [NETFILTER]: remove unneeded rcu_dereference() calls 2007-11-07 04:08:23 -08:00
nf_nat_core.c [NETFILTER]: annotate rest of nf_nat_* with const 2008-04-14 11:15:42 +02:00
nf_nat_ftp.c [NETFILTER]: remove unneeded rcu_dereference() calls 2007-11-07 04:08:23 -08:00
nf_nat_h323.c [NETFILTER]: nf_conntrack_h323: constify and annotate H.323 helper 2008-01-31 19:28:07 -08:00
nf_nat_helper.c [IPV4]: Add 'rtable' field in struct sk_buff to alias 'dst' and avoid casts 2008-03-05 18:30:47 -08:00
nf_nat_irc.c [NETFILTER]: remove unneeded rcu_dereference() calls 2007-11-07 04:08:23 -08:00
nf_nat_pptp.c [NETFILTER]: nf_{conntrack,nat}_pptp: annotate PPtP helper with const 2008-01-31 19:28:09 -08:00
nf_nat_proto_gre.c [NETFILTER]: nf_{conntrack,nat}_proto_gre: annotate with const 2008-01-31 19:28:12 -08:00
nf_nat_proto_icmp.c [NETFILTER]: nf_{conntrack,nat}_icmp: constify and annotate 2008-01-31 19:28:12 -08:00
nf_nat_proto_tcp.c [NETFILTER]: nf_{conntrack,nat}_proto_tcp: constify and annotate TCP modules 2008-01-31 19:28:10 -08:00
nf_nat_proto_udp.c [NETFILTER]: nf_{conntrack,nat}_proto_udp{,lite}: annotate with const 2008-01-31 19:28:11 -08:00
nf_nat_proto_unknown.c [NETFILTER]: nf_nat: mark NAT protocols const 2008-01-28 14:58:56 -08:00
nf_nat_rule.c [NETFILTER]: annotate xtables targets with const and remove casts 2008-04-14 09:56:05 +02:00
nf_nat_sip.c [NETFILTER]: nf_conntrack_sip: update copyright 2008-03-25 20:27:05 -07:00
nf_nat_snmp_basic.c [NETFILTER]: annotate rest of nf_nat_* with const 2008-04-14 11:15:42 +02:00
nf_nat_standalone.c [NETFILTER]: annotate rest of nf_nat_* with const 2008-04-14 11:15:42 +02:00
nf_nat_tftp.c [NETFILTER]: nf_{conntrack,nat}_tftp: annotate TFTP helper with const 2008-01-31 19:28:08 -08:00