The function is unsafe to use as it effectively bypasses data length checks. Instead use nftnl_set_set_str() which at least asserts a const char pointer is passed. Signed-off-by: Phil Sutter <phil@xxxxxx> --- src/mnl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mnl.c b/src/mnl.c index 14fa4a7186fd3..75ab07b045aa5 100644 --- a/src/mnl.c +++ b/src/mnl.c @@ -945,7 +945,7 @@ mnl_nft_set_dump(struct netlink_ctx *ctx, int family, const char *table) nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETSET, family, NLM_F_DUMP, ctx->seqnum); if (table != NULL) - nftnl_set_set(s, NFTNL_SET_TABLE, table); + nftnl_set_set_str(s, NFTNL_SET_TABLE, table); nftnl_set_nlmsg_build_payload(nlh, s); nftnl_set_free(s); -- 2.23.0
