]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0290c88) | patch
netfilter: conntrack: Use memset_startat() to zero struct nf_conn
authorKees Cook <keescook@chromium.org>
Thu, 18 Nov 2021 20:31:13 +0000 (12:31 -0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 30 Nov 2021 21:49:29 +0000 (22:49 +0100)
commit6333a1a7d1c64362a50752705c5dfae31ddd93c6
tree279d9e38b265dfa3efa28bb75d4bcb297d9f432dtree | snapshot
parent0290c881d3ddd4eb589c36cedbb187f8cf1404cfcommit | diff
netfilter: conntrack: Use memset_startat() to zero struct nf_conn

In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memset(), avoid intentionally writing across
neighboring fields.

Use memset_startat() to avoid confusing memset() about writing beyond
the target struct member.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_core.c diff | blob | history
Linux Kernel Source Tree.