[Bug 641] New: iptables-restore buffer overflow
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Tue Mar 16 16:03:46 CET 2010
http://bugzilla.netfilter.org/show_bug.cgi?id=641
Summary: iptables-restore buffer overflow
Product: iptables
Version: unspecified
Platform: All
URL: https://bugzilla.redhat.com/show_bug.cgi?id=545600
OS/Version: Fedora
Status: NEW
Severity: critical
Priority: P1
Component: iptables-restore
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: benny+netfilter at amorsen.dk
When using iptables-restore with a sufficiently long chain name, iptables
crashes and the kernel reports a buffer overflow.
Easily reproducible:
iptables-restore <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:abcdefghijklmnopqrstuvwxyz123 - [0:0]
-A FORWARD -i eth0.204 -o eth1.901 -j abcdefghijklmnopqrstuvwxyz123
EOF
Problem exists in iptables-1.4.5-1.fc12.i686, iptables-1.4.6-2.fc13.x86_64, and
iptables-1.4.7-1.fc14.x86_64, all from Fedora.
It was a bit of fun when our test firewall booted without rules...
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the netfilter-buglog
mailing list