summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2011-02-24 15:56:08 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2011-02-24 15:56:08 +0100
commitdb390dfaf234fac8150c40a05621adca4f7ca9b6 (patch)
tree10e42dbc2fdfaca6a0490a0aff1645b4ee4c280d
parent6d1b6c378b40dfb29490d397979df329e25089a3 (diff)
conntrack: fix subscript is above array bounds in secctx
> CC parse.lo > parse.c: In function ‘__parse_conntrack’: > parse.c:434:15: warning: array subscript is above array bounds > > struct nfattr *tb[CTA_SECCTX_MAX] > 434: ct->secctx = strdup(NFA_DATA(tb[CTA_SECCTX-1])) > > CTA_SECCTX has value 19, and CTA_SECCTX_MAX is just 1. Reported-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--src/conntrack/parse.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c
index 743e8d4..8f8a01c 100644
--- a/src/conntrack/parse.c
+++ b/src/conntrack/parse.c
@@ -431,7 +431,7 @@ __parse_secctx(const struct nfattr *attr, struct nf_conntrack *ct)
if (!tb[CTA_SECCTX_NAME-1])
return;
- ct->secctx = strdup(NFA_DATA(tb[CTA_SECCTX-1]));
+ ct->secctx = strdup(NFA_DATA(tb[CTA_SECCTX_NAME-1]));
if (ct->secctx)
set_bit(ATTR_SECCTX, ct->set);
}