On Wed, Dec 04, 2024 at 03:30:56PM +0100, Pablo Neira Ayuso wrote: > Hi Phil, > > On Wed, Nov 27, 2024 at 07:01:01PM +0100, Phil Sutter wrote: > > Assuming max data_len of 16 * 4B and no zero bytes in 'data': > > The while loop will increment field_count, use it as index for the > > field_len array and afterwards make sure it hasn't increased to > > NFT_REG32_COUNT. Thus a value of NFT_REG32_COUNT - 1 (= 15) will pass > > the check, get incremented to 16 and used as index to the 16 fields long > > array. > > Use a less fancy for-loop to avoid the increment vs. check problem. > > for-loop is indeed better. > > Patch LGTM, thanks. > > > Fixes: 407f616ea5318 ("set: buffer overflow in NFTNL_SET_DESC_CONCAT setter") > > Signed-off-by: Phil Sutter <phil@xxxxxx> > > Reviewed-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> Series applied, thanks!