859c03055c
* Tue Feb 21 2023 Phil Sutter <psutter@redhat.com> [1.0.4-10.el9] - netlink_delinearize: Sanitize concat data element decoding (Phil Sutter) [2160049] - optimize: Clarify chain_optimize() array allocations (Phil Sutter) [2160049] - optimize: Do not return garbage from stack (Phil Sutter) [2160049] - netlink: Fix for potential NULL-pointer deref (Phil Sutter) [2160049] - meta: parse_iso_date() returns boolean (Phil Sutter) [2160049] - mnl: dump_nf_hooks() leaks memory in error path (Phil Sutter) [2160049] - owner: Fix potential array out of bounds access (Phil Sutter) [2160049] Resolves: rhbz#2160049
43 lines
1.3 KiB
Diff
43 lines
1.3 KiB
Diff
From 9b3e5589c5e1b6ced176ce33f59774a3b1d28c36 Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <psutter@redhat.com>
|
|
Date: Tue, 21 Feb 2023 19:50:41 +0100
|
|
Subject: [PATCH] optimize: Do not return garbage from stack
|
|
|
|
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2160049
|
|
Upstream Status: nftables commit d4d47e5bdf943
|
|
|
|
commit d4d47e5bdf943be494aeb5d5a29b8f5212acbddf
|
|
Author: Phil Sutter <phil@nwl.cc>
|
|
Date: Fri Jan 13 17:09:53 2023 +0100
|
|
|
|
optimize: Do not return garbage from stack
|
|
|
|
If input does not contain a single 'add' command (unusual, but
|
|
possible), 'ret' value was not initialized by nft_optimize() before
|
|
returning its value.
|
|
|
|
Fixes: fb298877ece27 ("src: add ruleset optimization infrastructure")
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
|
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
---
|
|
src/optimize.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/optimize.c b/src/optimize.c
|
|
index 3a3049d..6514cbb 100644
|
|
--- a/src/optimize.c
|
|
+++ b/src/optimize.c
|
|
@@ -1017,7 +1017,7 @@ static int cmd_optimize(struct nft_ctx *nft, struct cmd *cmd)
|
|
int nft_optimize(struct nft_ctx *nft, struct list_head *cmds)
|
|
{
|
|
struct cmd *cmd;
|
|
- int ret;
|
|
+ int ret = 0;
|
|
|
|
list_for_each_entry(cmd, cmds, list) {
|
|
switch (cmd->op) {
|
|
--
|
|
2.39.2
|
|
|