diff mbox series

[22/26] netfilter: nft_set_bitmap: initialize set element extension in lookups

Message ID 20200330003708.54017-23-pablo@netfilter.org
State Changes Requested
Delegated to: Pablo Neira
Headers show
Series [01/26] netfilter: nf_tables: move nft_expr_clone() to nf_tables_api.c | expand

Commit Message

Pablo Neira Ayuso March 30, 2020, 12:37 a.m. UTC
Otherwise, nft_lookup might dereference an uninitialized pointer to the
element extension.

Fixes: 665153ff5752 ("netfilter: nf_tables: add bitmap set type")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 net/netfilter/nft_set_bitmap.c | 1 +
 1 file changed, 1 insertion(+)
diff mbox series


diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c
index 1cb2e67e6e03..6829a497b4cc 100644
--- a/net/netfilter/nft_set_bitmap.c
+++ b/net/netfilter/nft_set_bitmap.c
@@ -81,6 +81,7 @@  static bool nft_bitmap_lookup(const struct net *net, const struct nft_set *set,
 	u32 idx, off;
 	nft_bitmap_location(set, key, &idx, &off);
+	*ext = NULL;
 	return nft_bitmap_active(priv->bitmap, idx, off, genmask);