From: "Gustavo A. R. Silva" <gustavo@embeddedor.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>,
Florian Westphal <fw@strlen.de>,
"David S. Miller" <davem@davemloft.net>,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
"Gustavo A. R. Silva" <garsilva@embeddedor.com>
Subject: Re: [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy
Date: Sun, 11 Mar 2018 17:12:09 -0500 [thread overview]
Message-ID: <20df6b07-b3e7-7733-ee05-b12589bd287f@embeddedor.com> (raw)
In-Reply-To: <20180311220414.feda33aw72zw2rko@salvia>
Hi Pablo,
On 03/11/2018 05:04 PM, Pablo Neira Ayuso wrote:
> On Tue, Mar 06, 2018 at 12:47:55PM -0600, Gustavo A. R. Silva wrote:
>> In preparation to enabling -Wvla, remove VLA and replace it
>> with dynamic memory allocation.
>
> Looks good but...
>
>> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
>> ---
>> net/netfilter/nfnetlink_cttimeout.c | 12 ++++++++++--
>> 1 file changed, 10 insertions(+), 2 deletions(-)
>>
>> diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c
>> index 95b0470..a2f7d92 100644
>> --- a/net/netfilter/nfnetlink_cttimeout.c
>> +++ b/net/netfilter/nfnetlink_cttimeout.c
>> @@ -52,18 +52,26 @@ ctnl_timeout_parse_policy(void *timeouts,
>> struct net *net, const struct nlattr *attr)
>> {
>> int ret = 0;
>> + struct nlattr **tb = NULL;
>
> I think we don't need to initialize this, right?
>
We actually do have to initialized it because in the unlikely case that
the code block inside the 'if' below is not executed, then we will end
up freeing an uninitialized pointer.
Thanks
--
Gustavo
>>
>> if (likely(l4proto->ctnl_timeout.nlattr_to_obj)) {
>> - struct nlattr *tb[l4proto->ctnl_timeout.nlattr_max+1];
>> + tb = kcalloc(l4proto->ctnl_timeout.nlattr_max + 1, sizeof(*tb),
>> + GFP_KERNEL);
>> +
>> + if (!tb)
>> + return -ENOMEM;
>>
>> ret = nla_parse_nested(tb, l4proto->ctnl_timeout.nlattr_max,
>> attr, l4proto->ctnl_timeout.nla_policy,
>> NULL);
>> if (ret < 0)
>> - return ret;
>> + goto err;
>>
>> ret = l4proto->ctnl_timeout.nlattr_to_obj(tb, net, timeouts);
>> }
>> +
>> +err:
>> + kfree(tb);
>> return ret;
>> }
>>
>> --
>> 2.7.4
>>
next prev parent reply other threads:[~2018-03-11 22:12 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-06 18:47 [RFC] netfilter: cttimeout: remove VLA in ctnl_timeout_parse_policy Gustavo A. R. Silva
2018-03-11 22:04 ` Pablo Neira Ayuso
2018-03-11 22:12 ` Gustavo A. R. Silva [this message]
2018-03-11 22:21 ` Pablo Neira Ayuso
2018-03-11 22:45 ` Gustavo A. R. Silva
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20df6b07-b3e7-7733-ee05-b12589bd287f@embeddedor.com \
--to=gustavo@embeddedor.com \
--cc=coreteam@netfilter.org \
--cc=davem@davemloft.net \
--cc=fw@strlen.de \
--cc=garsilva@embeddedor.com \
--cc=kadlec@blackhole.kfki.hu \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).