diff options
author | Liping Zhang <zlpnobody@gmail.com> | 2017-03-20 22:35:22 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-03-24 13:25:13 +0100 |
commit | 5ed4ddea21f30e8829def3603b2d112766a756f2 (patch) | |
tree | c9dc118f3b180f12022d767d855cc50b78ffb914 /libnetfilter_cthelper.pc.in | |
parent | 5fec728cf69d137450e230a88793b1251176c035 (diff) |
src: fix incorrect building and parsing of the NFCTH_POLICY_SETX attribute
In nfct_helper_nlmsg_build_policy(), we always set the attribute type to
NFCTH_POLICY_SET, so we cannot add more than one nfct_helper_policy to
the kernel.
Also: in nfct_helper_nlmsg_parse_policy(), we will increase the
helper->policy_num for each nfct_helper_policy, but we mistakenly set it
to the total number of nfct_helper_policy. So when the total number is
more than 3, later out of bound access will happen.
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'libnetfilter_cthelper.pc.in')
0 files changed, 0 insertions, 0 deletions