]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b2b42ab) | patch
netfilter: nft_fib_ipv4: initialize *dest to zero
authorLiping Zhang <zlpnobody@gmail.com>
Wed, 23 Nov 2016 14:12:21 +0000 (22:12 +0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 6 Dec 2016 20:42:21 +0000 (21:42 +0100)
commit96cea84f7ba4bb3cdb698c8601a0ea57a38ed324
treec93f76d2219fe8b7da2c3e18a958b2c6b6ba3074tree | snapshot
parentb2b42ab8b829fa15370bcd30d9d474998305e317commit | diff
netfilter: nft_fib_ipv4: initialize *dest to zero

Otherwise, if fib lookup fail, *dest will be filled with garbage value,
so reverse path filtering will not work properly:
 # nft add rule x prerouting fib saddr oif eq 0 drop

Fixes: 798b8c4613cc ("netfilter: nf_tables: add fib expression")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/ipv4/netfilter/nft_fib_ipv4.c diff | blob | history
Linux Kernel Source Tree.