| Message ID | 20191015141745.11908-1-phil@nwl.cc |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [nft] mnl: Don't use nftnl_set_set() | expand |
On Tue, Oct 15, 2019 at 04:17:45PM +0200, Phil Sutter wrote: > The function is unsafe to use as it effectively bypasses data length > checks. Instead use nftnl_set_set_str() which at least asserts a const > char pointer is passed. > > Signed-off-by: Phil Sutter <phil@nwl.cc> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
diff --git a/src/mnl.c b/src/mnl.c index 14fa4a7186fd3..75ab07b045aa5 100644 --- a/src/mnl.c +++ b/src/mnl.c @@ -945,7 +945,7 @@ mnl_nft_set_dump(struct netlink_ctx *ctx, int family, const char *table) nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETSET, family, NLM_F_DUMP, ctx->seqnum); if (table != NULL) - nftnl_set_set(s, NFTNL_SET_TABLE, table); + nftnl_set_set_str(s, NFTNL_SET_TABLE, table); nftnl_set_nlmsg_build_payload(nlh, s); nftnl_set_free(s);
The function is unsafe to use as it effectively bypasses data length checks. Instead use nftnl_set_set_str() which at least asserts a const char pointer is passed. Signed-off-by: Phil Sutter <phil@nwl.cc> --- src/mnl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)