authorPhil Sutter <phil@nwl.cc>2019-10-04 21:44:14 +0200
committerPhil Sutter <phil@nwl.cc>2019-10-15 19:34:12 +0200
commit00b144bc9d093dbdd1a3690dc8e8fb90b5447f2d (patch)
treeb9f6d50a72a20f17b68ba77d61b4922a7ff3886b /include
parent0d5bb960b2f953c71fff15f88c8f0c331a1fa965 (diff)
obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
Array 'tb' has only 'attr_max' elements, the loop overstepped its boundary by one. Copy array_size() macro from include/utils.h in nftables.git to make sure code does the right thing. Fixes: 0adceeab1597a ("src: add ct timeout support") Signed-off-by: Phil Sutter <phil@nwl.cc> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/utils.h8
1 files changed, 8 insertions, 0 deletions
diff --git a/include/utils.h b/include/utils.h
index 3cc6596..91fbebb 100644
--- a/include/utils.h
+++ b/include/utils.h
@@ -58,6 +58,14 @@ void __nftnl_assert_attr_exists(uint16_t attr, uint16_t attr_max,
ret = remain; \
remain -= ret; \
+
+#define BUILD_BUG_ON_ZERO(e) (sizeof(char[1 - 2 * !!(e)]) - 1)
+
+#define __must_be_array(a) \
+ BUILD_BUG_ON_ZERO(__builtin_types_compatible_p(typeof(a), typeof(&a[0])))
+
+#define array_size(arr) (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
+
const char *nftnl_family2str(uint32_t family);
int nftnl_str2family(const char *family);
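Review bot: In `__must_be_array` the argument is left unparenthesized in `typeof(&a[0])`, while `array_size` itself uses `(arr)[0]`. An argument that is not a primary expression (a dereference or a cast) therefore binds to `[0]` differently, and the pointer check may inspect a different expression than the one being measured. Writing it as `BUILD_BUG_ON_ZERO(__builtin_types_compatible_p(typeof(a), typeof(&(a)[0])))` keeps the two consistent. The macros also depend on the compiler extensions `typeof` and `__builtin_types_compatible_p` and carry no comment. Since this guard is what stops a decayed pointer from producing a wrong loop bound, I would add something like `/* array_size(): element count of a true array; compilation fails if given a pointer */` above the definition.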