From 6c4ec15505b9fe878ade0b3e7cdbc8f0a26861cd Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 17 Feb 2011 18:29:26 +0100
Subject: conntrackd: use nfct_copy() with override flag in cache_object_new()

Using memcpy() is not safe, it breaks secctx and it may break
more things in the future. Moreover, nfct_size*() functions will
be deprecated soon, they are evil since they open the window
to memcpy().

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/cache.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/cache.c b/src/cache.c
index 74c5c4b..f411121 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -193,7 +193,7 @@ struct cache_object *cache_object_new(struct cache *c, struct nf_conntrack *ct)
 		c->stats.add_fail_enomem++;
 		return NULL;
 	}
-	memcpy(obj->ct, ct, nfct_sizeof(ct));
+	nfct_copy(obj->ct, ct, NFCT_CP_OVERRIDE);
 	obj->status = C_OBJ_NONE;
 	c->stats.objects++;
 
-- 
cgit v1.2.3