diff options
author | Phil Sutter <phil@nwl.cc> | 2024-01-26 18:43:10 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2024-02-01 14:51:30 +0100 |
commit | 2026b08bce7fe87b5964f7912e1eef30f04922c1 (patch) | |
tree | b19c827884a3e9512c6defeb94edbf48edf3a941 /libxtables/xtables.c | |
parent | c10d356c1a87b2181e148d6054c856c50d5b2159 (diff) |
nft: ruleparse: Add missing braces around ternary
The expression evaluated the sum before the ternay, consequently not
adding target->size if tgsize was zero.
Identified by ASAN for a simple rule using standard target:
| # ebtables -A INPUT -s de:ad:be:ef:0:00 -j RETURN
| # ebtables -D INPUT -s de:ad:be:ef:0:00 -j RETURN
| =================================================================
| ==18925==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000000120 at pc 0x7f627a4c75c5 bp 0x7ffe882b5180 sp 0x7ffe882b4928
| READ of size 8 at 0x603000000120 thread T0
| [...]
Fixes: 2a6eee89083c8 ("nft-ruleparse: Introduce nft_create_target()")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'libxtables/xtables.c')
0 files changed, 0 insertions, 0 deletions