summaryrefslogtreecommitdiff
path: root/net/ipv4/netfilter/ip_conntrack_ftp.c
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2005-09-13 13:48:00 -0700
committerDavid S. Miller <davem@davemloft.net>2005-09-13 13:48:00 -0700
commit5cb30640ce01d76d256533bb2824c9cc14eb4070 (patch)
tree1ed9c7e0c13c049dbc8bcc55a852dc0aad00df3d /net/ipv4/netfilter/ip_conntrack_ftp.c
parentf3591fff043f5df937120962668c8adfcd3f5b29 (diff)
[NETFILTER]: Use correct type for "ports" module parameter
With large port numbers the helper_names buffer can overflow. Noticed by Samir Bellabes <sbellabes@mandriva.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/netfilter/ip_conntrack_ftp.c')
-rw-r--r--net/ipv4/netfilter/ip_conntrack_ftp.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_ftp.c b/net/ipv4/netfilter/ip_conntrack_ftp.c
index 1b79ec36085..d77d6b3f5f8 100644
--- a/net/ipv4/netfilter/ip_conntrack_ftp.c
+++ b/net/ipv4/netfilter/ip_conntrack_ftp.c
@@ -29,9 +29,9 @@ static char *ftp_buffer;
static DEFINE_SPINLOCK(ip_ftp_lock);
#define MAX_PORTS 8
-static int ports[MAX_PORTS];
+static short ports[MAX_PORTS];
static int ports_c;
-module_param_array(ports, int, &ports_c, 0400);
+module_param_array(ports, short, &ports_c, 0400);
static int loose;
module_param(loose, int, 0600);
@@ -450,7 +450,7 @@ out_update_nl:
}
static struct ip_conntrack_helper ftp[MAX_PORTS];
-static char ftp_names[MAX_PORTS][10];
+static char ftp_names[MAX_PORTS][sizeof("ftp-65535")];
/* Not __exit: called from init() */
static void fini(void)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-01 17:25:37 +0000