Blame SOURCES/0006-expr-ct-prevent-array-index-overrun-in-ctkey2str.patch

From 330acafe4d0dec5dfa3b110e26e24aaa189ea8dc Mon Sep 17 00:00:00 2001
From: Phil Sutter <psutter@redhat.com>
Date: Tue, 16 May 2017 12:32:00 +0200
Subject: [PATCH] expr/ct: prevent array index overrun in ctkey2str()
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1353309
Upstream Status: libnftnl commit cca54d5e9c3f4
commit cca54d5e9c3f436cd85bc55415c08bf671bfefe6
Author: Phil Sutter <phil@nwl.cc>
Date:   Fri Aug 12 01:33:35 2016 +0200
    expr/ct: prevent array index overrun in ctkey2str()
    The array has NFT_CT_MAX fields, so indices must be less than that
    number.
    Fixes: 977b7a1dbe1bd ("ct: xml: use key names instead of numbers")
    Cc: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
    Signed-off-by: Phil Sutter <phil@nwl.cc>
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/expr/ct.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
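diff --git a/src/expr/ct.c b/src/expr/ct.c
index 7d96df4..1a53b49 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -173,7 +173,7 @@ static const char *ctkey2str_array[NFT_CT_MAX] = {
 
 static const char *ctkey2str(uint32_t ctkey)
 {
-	if (ctkey > NFT_CT_MAX)
+	if (ctkey >= NFT_CT_MAX)
 		return "unknown";
 
 	return ctkey2str_array[ctkey];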
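Review bot: The bound in `ctkey2str()` is still written independently of the array it guards, so the check and the `ctkey2str_array[NFT_CT_MAX]` declaration in the hunk header stay in step only as long as nobody edits one without the other. Deriving the limit from the array itself, `if (ctkey >= sizeof(ctkey2str_array) / sizeof(ctkey2str_array[0]))`, keeps the index check correct if the dimension is ever changed. The initializer lies outside the hunk, so this is unconfirmed, but if it uses designated initializers with gaps, an in-range key would still yield NULL; in that case the final line could fall back with `return ctkey2str_array[ctkey] ? ctkey2str_array[ctkey] : "unknown";`. A short comment such as `/* ctkey comes from a netlink attribute or parsed input; never index without the range check */` would record why the guard exists, assuming that is indeed where the value originates. The function's closing brace is outside the hunk.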
-- 
1.8.3.1