common: Avoid integer overflow in nftnl_batch_is_supported()

time() may return -1 which is then assigned to an unsigned integer type and used as sequence number. The following code increments that number multiple times, so it may overflow and get libmnl confused. To avoid this, fall back to a starting sequence number of zero in case the call to time() failed. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2016-08-12 01:33:37 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2016-08-12 01:45:40 +0200
commit: d26feca2c9c19b650b5a7554b5a412ceca990b7a (patch)
tree: 8656f3cad4c3b83c2751e6bdaba8f91239b7a48b /src
parent: e381cd99e9eb0e9519a976c8288f6b9e051ada3a (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/common.c b/src/common.c
index bf4176c..2189cc8 100644
--- a/src/common.c
+++ b/src/common.c
@@ -192,6 +192,9 @@ int nftnl_batch_is_supported(void)
 	uint32_t seq = time(NULL), req_seq;
 	int ret;
 
+	if (seq == (uint32_t)-1)
+		seq = 0;
+
 	nl = mnl_socket_open(NETLINK_NETFILTER);
 	if (nl == NULL)
 		return -1;
author	Phil Sutter <phil@nwl.cc>	2016-08-12 01:33:37 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2016-08-12 01:45:40 +0200
commit	d26feca2c9c19b650b5a7554b5a412ceca990b7a (patch)
tree	8656f3cad4c3b83c2751e6bdaba8f91239b7a48b /src
parent	e381cd99e9eb0e9519a976c8288f6b9e051ada3a (diff)