laurenceman / rpms / iptables

Forked from rpms/iptables 5 years ago
Clone
Source Code
GIT

Blame SOURCES/ip-6-tables-restore-Fix-for-uninitialized-array-curt.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c8 c8-beta
  1.   c7
  2.   SOURCES
  3.   ip-6-tables-restore-Fix-for-uninitialized-array-curt.patch
Blob History Raw
9a3fa7 
From 721bb877b759a0c92e6b019447fd3ee33d123cc0 Mon Sep 17 00:00:00 2001
9a3fa7 
From: Phil Sutter <psutter@redhat.com>
9a3fa7 
Date: Fri, 15 Mar 2019 17:50:10 +0100
9a3fa7 
Subject: [PATCH] ip{, 6}tables-restore: Fix for uninitialized array 'curtable'
9a3fa7
9a3fa7 
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1525980
9a3fa7 
Upstream Status: iptables commit 4e499d53d558b
9a3fa7
9a3fa7 
commit 4e499d53d558bed55c8fe74390250dbfd6da3efc
9a3fa7 
Author: Phil Sutter <phil@nwl.cc>
9a3fa7 
Date:   Wed Sep 19 15:16:46 2018 +0200
9a3fa7
9a3fa7 
    ip{, 6}tables-restore: Fix for uninitialized array 'curtable'
9a3fa7
9a3fa7 
    When reading sufficiently malformed input, parser might hit end of
9a3fa7 
    loop without having written the current table name into curtable and
9a3fa7 
    therefore calling strcmp() with uninitialized buffer. Avoid this by
9a3fa7 
    setting curtable to zero upon declaration.
9a3fa7
9a3fa7 
    Signed-off-by: Phil Sutter <phil@nwl.cc>
9a3fa7 
    Signed-off-by: Florian Westphal <fw@strlen.de>
9a3fa7
9a3fa7 
Signed-off-by: Phil Sutter <psutter@redhat.com>
9a3fa7 
---
9a3fa7 
 iptables/ip6tables-restore.c | 2 +-
9a3fa7 
 iptables/iptables-restore.c  | 2 +-
9a3fa7 
 2 files changed, 2 insertions(+), 2 deletions(-)
9a3fa7
9a3fa7 
diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
9a3fa7 
index e2a82c57bd426..d610360a1c1ff 100644
9a3fa7 
--- a/iptables/ip6tables-restore.c
9a3fa7 
+++ b/iptables/ip6tables-restore.c
9a3fa7 
@@ -192,7 +192,7 @@ int ip6tables_restore_main(int argc, char *argv[])
9a3fa7 
 	struct xtc_handle *handle = NULL;
9a3fa7 
 	char buffer[10240];
9a3fa7 
 	int c, lock;
9a3fa7 
-	char curtable[XT_TABLE_MAXNAMELEN + 1];
9a3fa7 
+	char curtable[XT_TABLE_MAXNAMELEN + 1] = {};
9a3fa7 
 	FILE *in;
9a3fa7 
 	int in_table = 0, testing = 0;
9a3fa7 
 	const char *tablename = NULL;
9a3fa7 
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
9a3fa7 
index af0c79408631d..db77fb77b3c98 100644
9a3fa7 
--- a/iptables/iptables-restore.c
9a3fa7 
+++ b/iptables/iptables-restore.c
9a3fa7 
@@ -191,7 +191,7 @@ iptables_restore_main(int argc, char *argv[])
9a3fa7 
 	struct xtc_handle *handle = NULL;
9a3fa7 
 	char buffer[10240];
9a3fa7 
 	int c, lock;
9a3fa7 
-	char curtable[XT_TABLE_MAXNAMELEN + 1];
9a3fa7 
+	char curtable[XT_TABLE_MAXNAMELEN + 1] = {};
9a3fa7 
 	FILE *in;
9a3fa7 
 	int in_table = 0, testing = 0;
9a3fa7 
 	const char *tablename = NULL;
9a3fa7 
--
9a3fa7 
2.21.0
9a3fa7

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation