author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-09-03 12:18:43 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-09-03 12:18:43 +0200 |
commit | 9d2c667b951fa67f70bebc863f005dd1d10de91c (patch) | |
tree | 33423f0ede8b2d233228ab8bf6641e99161a5014 /include | |
parent | cf3be894fcb95adb360425c8482954522e9110d2 (diff) | |
conntrackd: net message memory allocation is unsafe
We cannot assume that we will not write in the net message before we
send it, because the memory allocated for the net message (__net) is
only reserved in BUILD_NETMSG (because of the { } block in it).
This patch marks the buffer as static to avoid this problem.
Based on a patch from Samuel Gauthier <samuel.gauthier@6wind.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/network.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/network.h b/include/network.h index 3248245..dfc3015 100644 --- a/include/network.h +++ b/include/network.h @@ -81,7 +81,7 @@ enum { #define BUILD_NETMSG(ct, query) \ ({ \ - char __net[4096]; \ + static char __net[4096]; \ struct nethdr *__hdr = (struct nethdr *) __net; \ memset(__hdr, 0, NETHDR_SIZ); \ nethdr_set(__hdr, query); \ |
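Review bot: `static char __net[4096];` on the added line stops the pointer from dangling once the `({ ... })` block ends, but it also makes the result shared storage. Every evaluation of BUILD_NETMSG at a given expansion site now returns the same 4096 bytes, so a message that is still held when the next one is built there gets overwritten, and the macro is no longer reentrant or thread-safe. Please add a comment above the macro saying the returned pointer is valid only until the next BUILD_NETMSG at that site, or have the caller pass in the buffer so the lifetime is explicit. Related: `memset(__hdr, 0, NETHDR_SIZ);` clears only the header, so with a static buffer the bytes of the previous message persist after it. Either clear the whole buffer or make sure the length that is sent never extends past what was freshly written. Each expansion site also gets its own 4 KiB static array, which adds up if the macro is used in many places.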