From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH 10/10] rule: Fix for potential off-by-one in cmd_add_loc()
Date: Fri, 11 Jun 2021 18:41:04 +0200 [thread overview]
Message-ID: <20210611164104.8121-11-phil@nwl.cc> (raw)
In-Reply-To: <20210611164104.8121-1-phil@nwl.cc>
Using num_attrs as index means it must be at max one less than the
array's size at function start.
Fixes: 27362a5bfa433 ("rule: larger number of error locations")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
src/rule.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rule.c b/src/rule.c
index dbbe744eee0d8..92daf2f33b76b 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1275,7 +1275,7 @@ struct cmd *cmd_alloc(enum cmd_ops op, enum cmd_obj obj,
void cmd_add_loc(struct cmd *cmd, uint16_t offset, const struct location *loc)
{
- if (cmd->num_attrs > NFT_NLATTR_LOC_MAX)
+ if (cmd->num_attrs >= NFT_NLATTR_LOC_MAX)
return;
cmd->attr[cmd->num_attrs].offset = offset;
--
2.31.1
prev parent reply other threads:[~2021-06-11 16:41 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-11 16:40 [nft PATCH 00/10] Some covscan fixes Phil Sutter
2021-06-11 16:40 ` [nft PATCH 01/10] parser_bison: Fix for implicit declaration of isalnum Phil Sutter
2021-06-11 16:40 ` [nft PATCH 02/10] parser_json: Fix for memleak in tcp option error path Phil Sutter
2021-06-11 16:40 ` [nft PATCH 03/10] evaluate: Mark fall through case in str2hooknum() Phil Sutter
2021-06-11 16:40 ` [nft PATCH 04/10] json: Drop pointless assignment in exthdr_expr_json() Phil Sutter
2021-06-11 16:40 ` [nft PATCH 05/10] netlink: Avoid memleak in error path of netlink_delinearize_set() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 06/10] netlink: Avoid memleak in error path of netlink_delinearize_chain() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 07/10] netlink: Avoid memleak in error path of netlink_delinearize_table() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 08/10] netlink: Avoid memleak in error path of netlink_delinearize_obj() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 09/10] netlink_delinearize: Fix suspicious calloc() call Phil Sutter
2021-06-11 16:41 ` Phil Sutter [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210611164104.8121-11-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.