[iptables PATCH 06/13] extensions: MARK: Sanitize MARK_xlate()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Since markinfo->mode might contain unexpected values, add a default case
returning zero.

Fixes: afefc7a134ca0 ("extensions: libxt_MARK: Add translation for revision 1 to nft")
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 extensions/libxt_MARK.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index 1536563d0f4c7..100f6a38996ac 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -366,6 +366,8 @@ static int MARK_xlate(struct xt_xlate *xl,
 	case XT_MARK_OR:
 		xt_xlate_add(xl, "mark or 0x%x ", (uint32_t)markinfo->mark);
 		break;
+	default:
+		return 0;
 	}
 
 	return 1;
-- 
2.38.0
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux