Re: [nft PATCH] mnl: Don't use nftnl_set_set()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [nft PATCH] mnl: Don't use nftnl_set_set()
From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Date: Tue, 15 Oct 2019 16:30:25 +0200
Cc: netfilter-devel@xxxxxxxxxxxxxxx
In-reply-to: <20191015141745.11908-1-phil@nwl.cc>
User-agent: NeoMutt/20170113 (1.7.2)

On Tue, Oct 15, 2019 at 04:17:45PM +0200, Phil Sutter wrote:
> The function is unsafe to use as it effectively bypasses data length
> checks. Instead use nftnl_set_set_str() which at least asserts a const
> char pointer is passed.
> 
> Signed-off-by: Phil Sutter <phil@xxxxxx>

Acked-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>

References:
- [nft PATCH] mnl: Don't use nftnl_set_set()
  - From: Phil Sutter

Prev by Date: [nft PATCH] mnl: Don't use nftnl_set_set()
Next by Date: Re: [libnftnl PATCH 1/6] obj: ct_timeout: Check return code of mnl_attr_parse_nested()
Previous by thread: [nft PATCH] mnl: Don't use nftnl_set_set()
Next by thread: [libnftnl PATCH v2] set_elem: Validate nftnl_set_elem_set() parameters
Index(es):
- Date
- Thread

[Index of Archives] [Netfitler Users] [Berkeley Packet Filter] [LARTC] [Bugtraq] [Yosemite Forum]

Powered by Linux