diff options
author | Phil Sutter <phil@nwl.cc> | 2018-12-20 21:03:27 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-21 12:04:40 +0100 |
commit | 16c44d9f42170264c4d484478c76e940951f1b70 (patch) | |
tree | 01e339a5fda2f5502dba0a28acf953c3de4a5637 /src/object.c | |
parent | 7170f0929ef50a1a45d9fd5d058ea6178c8e56ef (diff) |
object: Avoid obj_ops array overrun
In version 1.1.1, obj_ops array was smaller than __NFT_OBJECT_MAX since
there are no ops for NFT_OBJECT_CONNLIMIT. Avoid this potential issue in
the future by defining the array size.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/object.c')
-rw-r--r-- | src/object.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/object.c b/src/object.c index e88203a..5c8d183 100644 --- a/src/object.c +++ b/src/object.c @@ -25,7 +25,7 @@ #include <buffer.h> #include "obj.h" -static struct obj_ops *obj_ops[] = { +static struct obj_ops *obj_ops[__NFT_OBJECT_MAX] = { [NFT_OBJECT_COUNTER] = &obj_ops_counter, [NFT_OBJECT_QUOTA] = &obj_ops_quota, [NFT_OBJECT_CT_HELPER] = &obj_ops_ct_helper, |