r3670 - in trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series

Simon Horman horms at costa.debian.org
Tue Aug 2 06:23:13 UTC 2005 

Author: horms
Date: 2005-08-02 06:23:11 +0000 (Tue, 02 Aug 2005)
New Revision: 3670

Added:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/174_net-ipv4-netfilter-nat-mem.diff
Modified:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
Log:
Fix potential memory corruption in NAT code (aka memory NAT)

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-08-02 06:07:24 UTC (rev 3669)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-08-02 06:23:11 UTC (rev 3670)
@@ -36,8 +36,12 @@
      tty_ldisc_ref return null check
      (Simon Horman)
 
- -- Simon Horman <horms at debian.org>  Tue,  2 Aug 2005 16:03:32 +0900
+  * 174_net-ipv4-netfilter-nat-mem.diff
+     Fix potential memory corruption in NAT code (aka memory NAT)
+     (Simon Horman)
 
+ -- Simon Horman <horms at debian.org>  Tue,  2 Aug 2005 16:30:59 +0900
+
 kernel-source-2.4.27 (2.4.27-10) unstable; urgency=low
 
   * 155_net-bluetooth-signdness-fix.diff:

Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/174_net-ipv4-netfilter-nat-mem.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/174_net-ipv4-netfilter-nat-mem.diff	2005-08-02 06:07:24 UTC (rev 3669)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/174_net-ipv4-netfilter-nat-mem.diff	2005-08-02 06:23:11 UTC (rev 3670)
@@ -0,0 +1,24 @@
+--- a/net/ipv4/netfilter/ip_nat_proto_tcp.c	2005-08-02 16:27:09.000000000 +0900
++++ b/net/ipv4/netfilter/ip_nat_proto_tcp.c	2005-08-02 16:27:58.000000000 +0900
+@@ -31,7 +31,8 @@ tcp_unique_tuple(struct ip_conntrack_tup
+ 		 enum ip_nat_manip_type maniptype,
+ 		 const struct ip_conntrack *conntrack)
+ {
+-	static u_int16_t port = 0, *portptr;
++	static u_int16_t port = 0;
++	u_int16_t *portptr;
+ 	unsigned int range_size, min, i;
+ 
+ 	if (maniptype == IP_NAT_MANIP_SRC)
+--- a/net/ipv4/netfilter/ip_nat_proto_udp.c	2005-08-02 16:26:39.000000000 +0900
++++ b/net/ipv4/netfilter/ip_nat_proto_udp.c	2005-08-02 16:28:42.000000000 +0900
+@@ -32,7 +32,8 @@ udp_unique_tuple(struct ip_conntrack_tup
+ 		 enum ip_nat_manip_type maniptype,
+ 		 const struct ip_conntrack *conntrack)
+ {
+-	static u_int16_t port = 0, *portptr;
++	static u_int16_t port = 0;
++	u_int16_t *portptr;
+ 	unsigned int range_size, min, i;
+ 
+ 	if (maniptype == IP_NAT_MANIP_SRC)

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11	2005-08-02 06:07:24 UTC (rev 3669)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11	2005-08-02 06:23:11 UTC (rev 3670)
@@ -6,3 +6,4 @@
 + 171_arch-ia64-x86_64-execve-overflow.diff
 + 172_ppc32-time_offset-misuse.diff
 + 173_v4l-cx88-hue-offset-fix.diff
++ 174_net-ipv4-netfilter-nat-mem.diff

More information about the Kernel-svn-changes mailing list