Blame SOURCES/0003-xtables-restore-Avoid-access-of-uninitialized-data.patch
|
 |
6ef253 |
From 5ee8338b9f1b5c02efca1a33185cf648cdf1aa20 Mon Sep 17 00:00:00 2001
|
|
|
6ef253 |
From: Phil Sutter <phil@nwl.cc>
|
|
|
6ef253 |
Date: Thu, 5 Dec 2019 11:40:26 +0100
|
|
|
6ef253 |
Subject: [PATCH] xtables-restore: Avoid access of uninitialized data
|
|
|
6ef253 |
|
|
|
6ef253 |
When flushing, 'buffer' is not written to prior to checking its first
|
|
|
6ef253 |
byte's value. Therefore it needs to be initialized upon declaration.
|
|
|
6ef253 |
|
|
|
6ef253 |
Fixes: 09cb517949e69 ("xtables-restore: Improve performance of --noflush operation")
|
|
|
6ef253 |
(cherry picked from commit 48be21bf39f9af35d53af0e211cbd50dcfd12d08)
|
|
|
6ef253 |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
6ef253 |
---
|
|
|
6ef253 |
iptables/xtables-restore.c | 2 +-
|
|
|
6ef253 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
6ef253 |
|
|
|
6ef253 |
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
|
|
|
6ef253 |
index dd907e0b8ddd5..63cc15cee9621 100644
|
|
|
6ef253 |
--- a/iptables/xtables-restore.c
|
|
|
6ef253 |
+++ b/iptables/xtables-restore.c
|
|
|
6ef253 |
@@ -281,7 +281,7 @@ void xtables_restore_parse(struct nft_handle *h,
|
|
|
6ef253 |
const struct nft_xt_restore_parse *p)
|
|
|
6ef253 |
{
|
|
|
6ef253 |
struct nft_xt_restore_state state = {};
|
|
|
6ef253 |
- char preload_buffer[PREBUFSIZ] = {}, buffer[10240], *ptr;
|
|
|
6ef253 |
+ char preload_buffer[PREBUFSIZ] = {}, buffer[10240] = {}, *ptr;
|
|
|
6ef253 |
|
|
|
6ef253 |
if (!h->noflush) {
|
|
|
6ef253 |
nft_fake_cache(h);
|
|
|
6ef253 |
--
|
|
|
6ef253 |
2.24.0
|
|
|
6ef253 |
|