[][SnS mtk_sw_nat_hook_tx crush] [Description] Add sanity check for hnat entry and ppe num. [Release-log] N/A Change-Id: I5cc4c88b4b6585b940cf922d2ca3265894e3697e Reviewed-on: https://gerrit.mediatek.inc/c/openwrt/feeds/mtk_openwrt_feeds/+/4793483

commit: 955a6f681f76786693698e8aa4a96d8a0dfbcab8 [log] [tgz]
author: developer <developer@mediatek.com> Mon Jul 26 10:54:39 2021 +0800
committer: developer <developer@mediatek.com> Mon Jul 26 11:18:50 2021 +0800
tree: c113376114d675366cbf52e3525f15b20285589b
parent: 877812f2a38408c59c3d5c5ea2ae5dd86b4d5ba4 [diff]
diff --git a/target/linux/mediatek/files-5.4/drivers/net/ethernet/mediatek/mtk_hnat/hnat_nf_hook.c b/target/linux/mediatek/files-5.4/drivers/net/ethernet/mediatek/mtk_hnat/hnat_nf_hook.c
index ec5e469..c0fce1c 100644
--- a/target/linux/mediatek/files-5.4/drivers/net/ethernet/mediatek/mtk_hnat/hnat_nf_hook.c
+++ b/target/linux/mediatek/files-5.4/drivers/net/ethernet/mediatek/mtk_hnat/hnat_nf_hook.c

@@ -1571,6 +1571,10 @@
 	if (!skb_hnat_is_hashed(skb))
 		return NF_ACCEPT;
 
+	if (skb_hnat_entry(skb) >= hnat_priv->foe_etry_num ||
+	    skb_hnat_ppe(skb) >= CFG_PPE_NUM)
+		return NF_ACCEPT;
+
 	entry = &hnat_priv->foe_table_cpu[skb_hnat_ppe(skb)][skb_hnat_entry(skb)];
 	if (entry_hnat_is_bound(entry))
 		return NF_ACCEPT;
commit	955a6f681f76786693698e8aa4a96d8a0dfbcab8	[log] [tgz]
author	developer <developer@mediatek.com>	Mon Jul 26 10:54:39 2021 +0800
committer	developer <developer@mediatek.com>	Mon Jul 26 11:18:50 2021 +0800
tree	c113376114d675366cbf52e3525f15b20285589b
parent	877812f2a38408c59c3d5c5ea2ae5dd86b4d5ba4 [diff]