[lvc-project] [PATCH v2] netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.
Pablo Neira Ayuso
pablo at netfilter.org
Wed Jan 11 21:10:35 MSK 2023
On Wed, Jan 11, 2023 at 01:00:53PM +0100, Simon Horman wrote:
> On Wed, Jan 11, 2023 at 11:57:39AM +0000, Gavrilov Ilia wrote:
> > [You don't often get email from ilia.gavrilov at infotecs.ru. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
> >
> > When first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of
> > an arithmetic expression 2 << (netmask - mask_bits - 1) is subject
> > to overflow due to a failure casting operands to a larger data type
> > before performing the arithmetic.
> >
> > Note that it's harmless since the value will be checked at the next step.
> >
> > Found by InfoTeCS on behalf of Linux Verification Center
> > (linuxtesting.org) with SVACE.
> >
> > Fixes: b9fed748185a ("netfilter: ipset: Check and reject crazy /0 input parameters")
> > Signed-off-by: Ilia.Gavrilov <Ilia.Gavrilov at infotecs.ru>
>
> Reviewed-by: Simon Horman <simon.horman at corigine.com>
Applied, thanks
More information about the lvc-project
mailing list