nftables/0012-netlink_delinearize-Fix-suspicious-calloc-call.patch

From d8322b08998a6945b659078b5cc4bd7423194f70 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Fri, 11 Jun 2021 17:02:01 +0200
Subject: [PATCH] netlink_delinearize: Fix suspicious calloc() call

Parameter passed to sizeof() was wrong. While being at it, replace the
whole call with xmalloc_array() which takes care of error checking.

Fixes: 913979f882d13 ("src: add expression handler hashtable")
Signed-off-by: Phil Sutter <phil@nwl.cc>
(cherry picked from commit c4058f96c6a55e4fcd49d4380ac07b5466ec01c0)
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
 src/netlink_delinearize.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 7315072284119..152b3e6cf8c65 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1732,9 +1732,8 @@ void expr_handler_init(void)
 	unsigned int i;
 	uint32_t hash;
 
-	expr_handle_ht = calloc(NFT_EXPR_HSIZE, sizeof(expr_handle_ht));
-	if (!expr_handle_ht)
-		memory_allocation_error();
+	expr_handle_ht = xmalloc_array(NFT_EXPR_HSIZE,
+				       sizeof(expr_handle_ht[0]));
 
 	for (i = 0; i < array_size(netlink_parsers); i++) {
 		hash = djb_hash(netlink_parsers[i].name) % NFT_EXPR_HSIZE;
-- 
2.31.1
nftables-0.9.8-4.el9 - Install an improved sample config - Fix permissions of osf-related configs - rule: Fix for potential off-by-one in cmd_add_loc() - netlink_delinearize: Fix suspicious calloc() call - netlink: Avoid memleak in error path of netlink_delinearize_obj() - netlink: Avoid memleak in error path of netlink_delinearize_table() - netlink: Avoid memleak in error path of netlink_delinearize_chain() - netlink: Avoid memleak in error path of netlink_delinearize_set() - json: Drop pointless assignment in exthdr_expr_json() - evaluate: Mark fall through case in str2hooknum() - parser_json: Fix for memleak in tcp option error path - parser_bison: Fix for implicit declaration of isalnum - main: fix nft --help output fallout from 719e4427 - tests: add icmp/6 test where dependency should be left alone - payload: check icmp dependency before removing previous icmp expression Resolves: rhbz#1933117, rhbz#1938823, rhbz#1931790, rhbz#1964987, rhbz#1971600 2021-06-14 12:28:37 +00:00			`From d8322b08998a6945b659078b5cc4bd7423194f70 Mon Sep 17 00:00:00 2001`
			`From: Phil Sutter <phil@nwl.cc>`
			`Date: Fri, 11 Jun 2021 17:02:01 +0200`
			`Subject: [PATCH] netlink_delinearize: Fix suspicious calloc() call`

			`Parameter passed to sizeof() was wrong. While being at it, replace the`
			`whole call with xmalloc_array() which takes care of error checking.`

			`Fixes: 913979f882d13 ("src: add expression handler hashtable")`
			`Signed-off-by: Phil Sutter <phil@nwl.cc>`
			`(cherry picked from commit c4058f96c6a55e4fcd49d4380ac07b5466ec01c0)`
			`Signed-off-by: Phil Sutter <psutter@redhat.com>`
			`---`
			`src/netlink_delinearize.c \| 5 ++---`
			`1 file changed, 2 insertions(+), 3 deletions(-)`

			`diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c`
			`index 7315072284119..152b3e6cf8c65 100644`
			`--- a/src/netlink_delinearize.c`
			`+++ b/src/netlink_delinearize.c`
			`@@ -1732,9 +1732,8 @@ void expr_handler_init(void)`
			`unsigned int i;`
			`uint32_t hash;`

			`- expr_handle_ht = calloc(NFT_EXPR_HSIZE, sizeof(expr_handle_ht));`
			`- if (!expr_handle_ht)`
			`- memory_allocation_error();`
			`+ expr_handle_ht = xmalloc_array(NFT_EXPR_HSIZE,`
			`+ sizeof(expr_handle_ht[0]));`

			`for (i = 0; i < array_size(netlink_parsers); i++) {`
			`hash = djb_hash(netlink_parsers[i].name) % NFT_EXPR_HSIZE;`
			`--`
			`2.31.1`