From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH 10/10] rule: Fix for potential off-by-one in cmd_add_loc()
Date: Fri, 11 Jun 2021 18:41:04 +0200 [thread overview]
Message-ID: <20210611164104.8121-11-phil@nwl.cc> (raw)
In-Reply-To: <20210611164104.8121-1-phil@nwl.cc>
Using num_attrs as index means it must be at max one less than the
array's size at function start.
Fixes: 27362a5bfa433 ("rule: larger number of error locations")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
src/rule.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rule.c b/src/rule.c
index dbbe744eee0d8..92daf2f33b76b 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1275,7 +1275,7 @@ struct cmd *cmd_alloc(enum cmd_ops op, enum cmd_obj obj,
void cmd_add_loc(struct cmd *cmd, uint16_t offset, const struct location *loc)
{
- if (cmd->num_attrs > NFT_NLATTR_LOC_MAX)
+ if (cmd->num_attrs >= NFT_NLATTR_LOC_MAX)
return;
cmd->attr[cmd->num_attrs].offset = offset;
--
2.31.1
prev parent reply other threads:[~2021-06-11 16:41 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-11 16:40 [nft PATCH 00/10] Some covscan fixes Phil Sutter
2021-06-11 16:40 ` [nft PATCH 01/10] parser_bison: Fix for implicit declaration of isalnum Phil Sutter
2021-06-11 16:40 ` [nft PATCH 02/10] parser_json: Fix for memleak in tcp option error path Phil Sutter
2021-06-11 16:40 ` [nft PATCH 03/10] evaluate: Mark fall through case in str2hooknum() Phil Sutter
2021-06-11 16:40 ` [nft PATCH 04/10] json: Drop pointless assignment in exthdr_expr_json() Phil Sutter
2021-06-11 16:40 ` [nft PATCH 05/10] netlink: Avoid memleak in error path of netlink_delinearize_set() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 06/10] netlink: Avoid memleak in error path of netlink_delinearize_chain() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 07/10] netlink: Avoid memleak in error path of netlink_delinearize_table() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 08/10] netlink: Avoid memleak in error path of netlink_delinearize_obj() Phil Sutter
2021-06-11 16:41 ` [nft PATCH 09/10] netlink_delinearize: Fix suspicious calloc() call Phil Sutter
2021-06-11 16:41 ` Phil Sutter [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210611164104.8121-11-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).