]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 70e3dd6) | patch
netfilter: nft_fib_ipv4: initialize *dest to zero
authorLiping Zhang <zlpnobody@gmail.com>
Wed, 23 Nov 2016 14:12:21 +0000 (22:12 +0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 6 Dec 2016 20:42:21 +0000 (21:42 +0100)
commitf6508e9333508a764add8726f16589c92561031f
treec93f76d2219fe8b7da2c3e18a958b2c6b6ba3074tree | snapshot
parent70e3dd656275e5a628147ad6e2661cf2aff07834commit | diff
netfilter: nft_fib_ipv4: initialize *dest to zero

Otherwise, if fib lookup fail, *dest will be filled with garbage value,
so reverse path filtering will not work properly:
 # nft add rule x prerouting fib saddr oif eq 0 drop

Fixes: 5b1de3fa6d05 ("netfilter: nf_tables: add fib expression")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/ipv4/netfilter/nft_fib_ipv4.c diff | blob | history
Linux Kernel Source Tree.