Re: [PATCH] net: fix search limit handling in skb_find_text()

2015-06-18 Thread Pablo Neira Ayuso
On Tue, Jun 16, 2015 at 03:13:41PM +0300, Roman Khimov wrote: > In a message of 16 June 2015 12:48:41, Pablo Neira Ayuso wrote: [...] > > But if we change the existing behaviour, users may be relying on it > > and we'll get things broken for them. Someone else will come later one > > with

Re: [PATCH] net: fix search limit handling in skb_find_text()

2015-06-18 Thread David Miller
From: Roman I Khimov Date: Mon, 15 Jun 2015 12:11:58 +0300 > Suppose that we're trying to use an xt_string netfilter module to match a > string in a specially crafted packet that has "a nice string" starting at > offset 28. > > It could be done in iptables like this: > > -A some_chain -m string

Re: [PATCH] net: fix search limit handling in skb_find_text()

2015-06-16 Thread Roman Khimov
In a message of 16 June 2015 12:48:41, Pablo Neira Ayuso wrote: > On Mon, Jun 15, 2015 at 10:37:31PM +0300, Roman Khimov wrote: > > In a message of 15 June 2015 19:06:39, Pablo Neira Ayuso wrote: > > > On Mon, Jun 15, 2015 at 12:11:58PM +0300, Roman I Khimov wrote: > > > > Suppo

Re: [PATCH] net: fix search limit handling in skb_find_text()

2015-06-16 Thread Pablo Neira Ayuso
On Mon, Jun 15, 2015 at 10:37:31PM +0300, Roman Khimov wrote: > In a message of 15 June 2015 19:06:39, Pablo Neira Ayuso wrote: > > On Mon, Jun 15, 2015 at 12:11:58PM +0300, Roman I Khimov wrote: > > > Suppose that we're trying to use an xt_string netfilter module to match a > > > string

Re: [PATCH] net: fix search limit handling in skb_find_text()

2015-06-15 Thread Roman Khimov
In a message of 15 June 2015 19:06:39, Pablo Neira Ayuso wrote: > On Mon, Jun 15, 2015 at 12:11:58PM +0300, Roman I Khimov wrote: > > Suppose that we're trying to use an xt_string netfilter module to match a > > string in a specially crafted packet that has "a nice string" starting at > >

Re: [PATCH] net: fix search limit handling in skb_find_text()

2015-06-15 Thread Pablo Neira Ayuso
Cc'ing Thomas. On Mon, Jun 15, 2015 at 12:11:58PM +0300, Roman I Khimov wrote: > Suppose that we're trying to use an xt_string netfilter module to match a > string in a specially crafted packet that has "a nice string" starting at > offset 28. > > It could be done in iptables like this: > > -A s

[PATCH] net: fix search limit handling in skb_find_text()

2015-06-15 Thread Roman I Khimov
Suppose that we're trying to use an xt_string netfilter module to match a string in a specially crafted packet that has "a nice string" starting at offset 28. It could be done in iptables like this: -A some_chain -m string --string "a nice string" --algo bm --from 28 --to 38 -j DROP And it woul