Jan Engelhardt wrote:
Patrick McHardy wrote, I remember:
What about PF_DECnet?
Good spot. Netfilter would have crashed when trying to access
nf_hooks[PF_DECnet], because the array was not big enough. Added
NFPROTO_DECNET which implies an increased NFPROTO_NUMPROTO so that the
out-of-bounds access is gone.
commit e3666c7f73328a3762136f07e29e52386d05d21e
Author: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Date: Wed Aug 13 19:38:42 2008 -0400
[NETFILTER]: Introduce NFPROTO_* constants
The netfilter subsystem only supports a handful of protocols (much
less than PF_*) and even non-PF protocols like ARP and
pseudo-protocols like PF_BRIDGE. By creating NFPROTO_*, we can earn a
few memory savings on arrays that previously were always PF_MAX-sized
and keep the pseudo-protocols to ourselves.
Looks great, applied.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
