aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2005-09-13 16:48:00 -0400
committerDavid S. Miller <davem@davemloft.net>2005-09-13 16:48:00 -0400
commit5cb30640ce01d76d256533bb2824c9cc14eb4070 (patch)
tree1ed9c7e0c13c049dbc8bcc55a852dc0aad00df3d
parentf3591fff043f5df937120962668c8adfcd3f5b29 (diff)
[NETFILTER]: Use correct type for "ports" module parameter
With large port numbers the helper_names buffer can overflow. Noticed by Samir Bellabes <sbellabes@mandriva.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/netfilter/ip_conntrack_ftp.c6
-rw-r--r--net/ipv4/netfilter/ip_conntrack_irc.c6
-rw-r--r--net/ipv4/netfilter/ip_conntrack_tftp.c6
3 files changed, 9 insertions, 9 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_ftp.c b/net/ipv4/netfilter/ip_conntrack_ftp.c
index 1b79ec36085f..d77d6b3f5f80 100644
--- a/net/ipv4/netfilter/ip_conntrack_ftp.c
+++ b/net/ipv4/netfilter/ip_conntrack_ftp.c
@@ -29,9 +29,9 @@ static char *ftp_buffer;
29static DEFINE_SPINLOCK(ip_ftp_lock); 29static DEFINE_SPINLOCK(ip_ftp_lock);
30 30
31#define MAX_PORTS 8 31#define MAX_PORTS 8
32static int ports[MAX_PORTS]; 32static short ports[MAX_PORTS];
33static int ports_c; 33static int ports_c;
34module_param_array(ports, int, &ports_c, 0400); 34module_param_array(ports, short, &ports_c, 0400);
35 35
36static int loose; 36static int loose;
37module_param(loose, int, 0600); 37module_param(loose, int, 0600);
@@ -450,7 +450,7 @@ out_update_nl:
450} 450}
451 451
452static struct ip_conntrack_helper ftp[MAX_PORTS]; 452static struct ip_conntrack_helper ftp[MAX_PORTS];
453static char ftp_names[MAX_PORTS][10]; 453static char ftp_names[MAX_PORTS][sizeof("ftp-65535")];
454 454
455/* Not __exit: called from init() */ 455/* Not __exit: called from init() */
456static void fini(void) 456static void fini(void)
diff --git a/net/ipv4/netfilter/ip_conntrack_irc.c b/net/ipv4/netfilter/ip_conntrack_irc.c
index d7a8a98c05e1..15457415a4f3 100644
--- a/net/ipv4/netfilter/ip_conntrack_irc.c
+++ b/net/ipv4/netfilter/ip_conntrack_irc.c
@@ -34,7 +34,7 @@
34#include <linux/moduleparam.h> 34#include <linux/moduleparam.h>
35 35
36#define MAX_PORTS 8 36#define MAX_PORTS 8
37static int ports[MAX_PORTS]; 37static short ports[MAX_PORTS];
38static int ports_c; 38static int ports_c;
39static int max_dcc_channels = 8; 39static int max_dcc_channels = 8;
40static unsigned int dcc_timeout = 300; 40static unsigned int dcc_timeout = 300;
@@ -52,7 +52,7 @@ EXPORT_SYMBOL_GPL(ip_nat_irc_hook);
52MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); 52MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
53MODULE_DESCRIPTION("IRC (DCC) connection tracking helper"); 53MODULE_DESCRIPTION("IRC (DCC) connection tracking helper");
54MODULE_LICENSE("GPL"); 54MODULE_LICENSE("GPL");
55module_param_array(ports, int, &ports_c, 0400); 55module_param_array(ports, short, &ports_c, 0400);
56MODULE_PARM_DESC(ports, "port numbers of IRC servers"); 56MODULE_PARM_DESC(ports, "port numbers of IRC servers");
57module_param(max_dcc_channels, int, 0400); 57module_param(max_dcc_channels, int, 0400);
58MODULE_PARM_DESC(max_dcc_channels, "max number of expected DCC channels per IRC session"); 58MODULE_PARM_DESC(max_dcc_channels, "max number of expected DCC channels per IRC session");
@@ -240,7 +240,7 @@ static int help(struct sk_buff **pskb,
240} 240}
241 241
242static struct ip_conntrack_helper irc_helpers[MAX_PORTS]; 242static struct ip_conntrack_helper irc_helpers[MAX_PORTS];
243static char irc_names[MAX_PORTS][10]; 243static char irc_names[MAX_PORTS][sizeof("irc-65535")];
244 244
245static void fini(void); 245static void fini(void);
246 246
diff --git a/net/ipv4/netfilter/ip_conntrack_tftp.c b/net/ipv4/netfilter/ip_conntrack_tftp.c
index d2b590533452..a78736b8525d 100644
--- a/net/ipv4/netfilter/ip_conntrack_tftp.c
+++ b/net/ipv4/netfilter/ip_conntrack_tftp.c
@@ -26,9 +26,9 @@ MODULE_DESCRIPTION("tftp connection tracking helper");
26MODULE_LICENSE("GPL"); 26MODULE_LICENSE("GPL");
27 27
28#define MAX_PORTS 8 28#define MAX_PORTS 8
29static int ports[MAX_PORTS]; 29static short ports[MAX_PORTS];
30static int ports_c; 30static int ports_c;
31module_param_array(ports, int, &ports_c, 0400); 31module_param_array(ports, short, &ports_c, 0400);
32MODULE_PARM_DESC(ports, "port numbers of tftp servers"); 32MODULE_PARM_DESC(ports, "port numbers of tftp servers");
33 33
34#if 0 34#if 0
@@ -100,7 +100,7 @@ static int tftp_help(struct sk_buff **pskb,
100} 100}
101 101
102static struct ip_conntrack_helper tftp[MAX_PORTS]; 102static struct ip_conntrack_helper tftp[MAX_PORTS];
103static char tftp_names[MAX_PORTS][10]; 103static char tftp_names[MAX_PORTS][sizeof("tftp-65535")];
104 104
105static void fini(void) 105static void fini(void)
106{ 106{