[SRU][F:linux-bluefield][PATCH v1 2/3] netfilter: nft_set_bitmap: initialize set element extension in lookups
Bodong Wang
bodong at nvidia.com
Tue Feb 7 19:35:37 UTC 2023
From: Pablo Neira Ayuso <pablo at netfilter.org>
BugLink: https://bugs.launchpad.net/bugs/2006397
Otherwise, nft_lookup might dereference an uninitialized pointer to the
element extension.
Fixes: 665153ff5752 ("netfilter: nf_tables: add bitmap set type")
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
(cherry picked from commit 24791b9aa1ab09818617ff384876930e09ada0a3)
Signed-off-by: Bodong Wang <bodong at nvidia.com>
---
net/netfilter/nft_set_bitmap.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c
index 1cb2e67..6829a49 100644
--- a/net/netfilter/nft_set_bitmap.c
+++ b/net/netfilter/nft_set_bitmap.c
@@ -81,6 +81,7 @@ static bool nft_bitmap_lookup(const struct net *net, const struct nft_set *set,
u32 idx, off;
nft_bitmap_location(set, key, &idx, &off);
+ *ext = NULL;
return nft_bitmap_active(priv->bitmap, idx, off, genmask);
}
--
1.8.3.1
More information about the kernel-team
mailing list