Re: [PATCH] netfilter: x_tables: Use unsafe_memcpy() for 0-sized destination

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Fri, Feb 16, 2024 at 03:31:32PM -0800, Kees Cook wrote:
> The struct xt_entry_target fake flexible array has not be converted to a
> true flexible array, which is mainly blocked by it being both UAPI and
> used in the middle of other structures. In order to properly check for
> 0-sized destinations in memcpy(), an exception must be made for the one
> place where it is still a destination. Since memcpy() was already
> skipping checks for 0-sized destinations, using unsafe_memcpy() is no
> change in behavior.
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Reviewed-by: Simon Horman <horms@xxxxxxxxxx>

[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux