From: Pablo Neira Ayuso <pablo@netfilter.org>
To: "Carlos Falgueras García" <carlosfg@riseup.net>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str
Date: Mon, 15 Aug 2016 13:03:39 +0200 [thread overview]
Message-ID: <20160815110339.GA8028@salvia> (raw)
In-Reply-To: <20160815105103.22319-1-carlosfg@riseup.net>
On Mon, Aug 15, 2016 at 12:51:02PM +0200, Carlos Falgueras García wrote:
> Checks array limits before access it and adds a missed translation.
>
> Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
> ---
> src/utils.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/utils.c b/src/utils.c
> index e2715a2..7264d1f 100644
> --- a/src/utils.c
> +++ b/src/utils.c
> @@ -23,6 +23,7 @@
> #include <linux/netfilter/nf_tables.h>
>
> static const char *const nftnl_family_str[NFPROTO_NUMPROTO] = {
> + [NFPROTO_UNSPEC] = "unknown",
You don't need this line above, right? I can mangle the patch here
before applying it.
> [NFPROTO_INET] = "inet",
> [NFPROTO_IPV4] = "ip",
> [NFPROTO_ARP] = "arp",
> @@ -33,7 +34,7 @@ static const char *const nftnl_family_str[NFPROTO_NUMPROTO] = {
>
> const char *nftnl_family2str(uint32_t family)
> {
> - if (nftnl_family_str[family] == NULL)
> + if (family >= NFPROTO_NUMPROTO || !nftnl_family_str[family])
> return "unknown";
>
> return nftnl_family_str[family];
> --
> 2.8.3
>
next prev parent reply other threads:[~2016-08-15 11:03 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-11 13:25 [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities Carlos Falgueras García
2016-08-11 13:25 ` [PATCH 2/2, libnftnl] Use libnftnl comparators in all tests Carlos Falgueras García
2016-08-11 23:32 ` Pablo Neira Ayuso
2016-08-12 20:16 ` Carlos Falgueras García
2016-08-15 12:23 ` [PATCH 1/2 v2 libnftnl] tests: Consolidate printing error utilities Carlos Falgueras García
2016-08-15 12:23 ` [PATCH 2/2 v2 libnftnl] test: Use libnftnl comparators in all tests Carlos Falgueras García
2016-08-15 12:27 ` Pablo Neira Ayuso
2016-08-16 10:30 ` [PATCH 1/3 v3 nft] tests: Consolidate printing error utilities Carlos Falgueras García
2016-08-16 10:30 ` [PATCH 2/3 v3 nft] tests: Use libnftnl comparators in all tests Carlos Falgueras García
2016-08-16 11:58 ` Pablo Neira Ayuso
2016-08-16 10:30 ` [PATCH 3/3 v3 nft] tests: Elimine static variable 'test_ok' Carlos Falgueras García
2016-08-12 20:17 ` [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access Carlos Falgueras García
2016-08-12 20:17 ` [PATCH 2/4, V2, libnftnl] tests: Fix wrong expression creation Carlos Falgueras García
2016-08-13 10:25 ` Pablo Neira Ayuso
2016-08-12 20:17 ` [PATCH 3/4, V2, libnftnl] tests: Consolidate printing error utilities Carlos Falgueras García
2016-08-12 20:17 ` [PATCH 4/4, V2, libnftnl] tests: Use libnftnl comparators in all tests Carlos Falgueras García
2016-08-13 10:12 ` [PATCH 1/4, V2, libnftnl] tests: Fix segfaults due outbound access Pablo Neira Ayuso
2016-08-13 15:25 ` Carlos Falgueras García
2016-08-15 9:12 ` Pablo Neira Ayuso
2016-08-15 10:27 ` [PATCH 1/2 libnftnl] expr: Improve bound checking in stringification functions Carlos Falgueras García
2016-08-15 10:27 ` [PATCH 2/2 libnftnl] expr: cmp: Use cmp2str() instead of directly access to array Carlos Falgueras García
2016-08-15 10:32 ` Pablo Neira Ayuso
2016-08-15 10:51 ` [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str Carlos Falgueras García
2016-08-15 10:51 ` [PATCH 2/2 libnfntl] expr: cmp: Use cmp2str() instead of directly access to array Carlos Falgueras García
2016-08-15 11:49 ` Pablo Neira Ayuso
2016-08-15 11:03 ` Pablo Neira Ayuso [this message]
2016-08-15 11:45 ` [PATCH 1/2 libnftnl] utils: Fix out of bound access in nftnl_family2str Carlos Falgueras García
2016-08-15 11:46 ` Pablo Neira Ayuso
2016-08-15 10:32 ` [PATCH 1/2 libnftnl] expr: Improve bound checking in stringification functions Pablo Neira Ayuso
2016-08-11 23:26 ` [PATCH 1/2, libnftnl] tests: Consolidate printing error utilities Pablo Neira Ayuso
2016-08-12 20:16 ` Carlos Falgueras García
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160815110339.GA8028@salvia \
--to=pablo@netfilter.org \
--cc=carlosfg@riseup.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.