5bcf169444540cbb8646cb415087f5ec83f60432 - LeafOS-Devices/android_kernel_samsung_exynos9820

commit	5bcf169444540cbb8646cb415087f5ec83f60432	[log] [tgz]
author	Florian Westphal <fw@strlen.de>	Tue Feb 27 19:42:32 2018 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	Thu Apr 26 11:02:21 2018 +0200
tree	25c6024dd85b0228d7b8b964a298329bd67fa07e
parent	764f2162d97a498269c9b67607fe163692a79aa7 [diff]

netfilter: x_tables: limit allocation requests for blob rule heads

commit 9d5c12a7c08f67999772065afd50fb222072114e upstream.

This is a very conservative limit (134217728 rules), but good
enough to not trigger frequent oom from syzkaller.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

net/netfilter/x_tables.c[diff]

1 file changed

tree: 25c6024dd85b0228d7b8b964a298329bd67fa07e