The following series aims at fixing a number of issues identified by Coverity tool. Due to limited familiarity with the whole code layout, I am not sure all of them are really valid, but I tried my best to verify the concerns are legitimate and worth fixing. Phil Sutter (7): set: prevent memleak in nftnl_jansson_parse_set_info() ruleset: Prevent memleak in nftnl_ruleset_snprintf_*() functions expr/ct: prevent array index overrun in ctkey2str() expr/limit: Drop unreachable code in limit_to_type() common: Avoid integer overflow in nftnl_batch_is_supported() Avoid returning uninitialized data ruleset: Initialize ctx.flags before calling nftnl_ruleset_ctx_set() src/chain.c | 2 +- src/common.c | 3 +++ src/expr/ct.c | 2 +- src/expr/limit.c | 1 - src/rule.c | 2 +- src/ruleset.c | 18 ++++++++++++++++++ src/set.c | 12 ++++++------ src/table.c | 2 +- 8 files changed, 31 insertions(+), 11 deletions(-) -- 2.8.2 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
