|
|
4cfa1d |
From 9a41628f4206efe645f5a058a7d71a4503b5869a Mon Sep 17 00:00:00 2001
|
|
|
4cfa1d |
From: Phil Sutter <psutter@redhat.com>
|
|
|
4cfa1d |
Date: Tue, 21 Feb 2023 19:50:41 +0100
|
|
|
4cfa1d |
Subject: [PATCH] optimize: Clarify chain_optimize() array allocations
|
|
|
4cfa1d |
|
|
|
4cfa1d |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2160049
|
|
|
4cfa1d |
Upstream Status: nftables commit b83a0416cdc88
|
|
|
4cfa1d |
|
|
|
4cfa1d |
commit b83a0416cdc881c6ac35739cd858e4fe5fb2e04f
|
|
|
4cfa1d |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
4cfa1d |
Date: Tue Jan 10 22:13:44 2023 +0100
|
|
|
4cfa1d |
|
|
|
4cfa1d |
optimize: Clarify chain_optimize() array allocations
|
|
|
4cfa1d |
|
|
|
4cfa1d |
Arguments passed to sizeof() where deemed suspicious by covscan due to
|
|
|
4cfa1d |
the different type. Consistently specify size of an array 'a' using
|
|
|
4cfa1d |
'sizeof(*a) * nmemb'.
|
|
|
4cfa1d |
|
|
|
4cfa1d |
For the statement arrays in stmt_matrix, even use xzalloc_array() since
|
|
|
4cfa1d |
the item count is fixed and therefore can't be zero.
|
|
|
4cfa1d |
|
|
|
4cfa1d |
Fixes: fb298877ece27 ("src: add ruleset optimization infrastructure")
|
|
|
4cfa1d |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
4cfa1d |
|
|
|
4cfa1d |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
4cfa1d |
---
|
|
|
4cfa1d |
src/optimize.c | 7 ++++---
|
|
|
4cfa1d |
1 file changed, 4 insertions(+), 3 deletions(-)
|
|
|
4cfa1d |
|
|
|
4cfa1d |
diff --git a/src/optimize.c b/src/optimize.c
|
|
|
4cfa1d |
index 6514cbb..baa6abc 100644
|
|
|
4cfa1d |
--- a/src/optimize.c
|
|
|
4cfa1d |
+++ b/src/optimize.c
|
|
|
4cfa1d |
@@ -918,10 +918,11 @@ static int chain_optimize(struct nft_ctx *nft, struct list_head *rules)
|
|
|
4cfa1d |
ctx->num_rules++;
|
|
|
4cfa1d |
}
|
|
|
4cfa1d |
|
|
|
4cfa1d |
- ctx->rule = xzalloc(sizeof(ctx->rule) * ctx->num_rules);
|
|
|
4cfa1d |
- ctx->stmt_matrix = xzalloc(sizeof(struct stmt *) * ctx->num_rules);
|
|
|
4cfa1d |
+ ctx->rule = xzalloc(sizeof(*ctx->rule) * ctx->num_rules);
|
|
|
4cfa1d |
+ ctx->stmt_matrix = xzalloc(sizeof(*ctx->stmt_matrix) * ctx->num_rules);
|
|
|
4cfa1d |
for (i = 0; i < ctx->num_rules; i++)
|
|
|
4cfa1d |
- ctx->stmt_matrix[i] = xzalloc(sizeof(struct stmt *) * MAX_STMTS);
|
|
|
4cfa1d |
+ ctx->stmt_matrix[i] = xzalloc_array(MAX_STMTS,
|
|
|
4cfa1d |
+ sizeof(**ctx->stmt_matrix));
|
|
|
4cfa1d |
|
|
|
4cfa1d |
merge = xzalloc(sizeof(*merge) * ctx->num_rules);
|
|
|
4cfa1d |
|
|
|
4cfa1d |
--
|
|
|
4cfa1d |
2.39.2
|
|
|
4cfa1d |
|