netfilter: nfnetlink_cthelper: Remove VLA usage - openslx/kernel-qcow2-linux.git

diff options

author	Gustavo A. R. Silva	2018-03-13 01:21:38 +0100
committer	Pablo Neira Ayuso	2018-03-20 13:41:38 +0100
commit	1446385904add0e89f990ee0518434365e50ce86 (patch)
tree	109422533e9bed9f96aff480f543745ddd51f180 /net/netfilter/nf_tables_api.c
parent	netfilter: cttimeout: remove VLA usage (diff)
download	kernel-qcow2-linux-1446385904add0e89f990ee0518434365e50ce86.tar.gz kernel-qcow2-linux-1446385904add0e89f990ee0518434365e50ce86.tar.xz kernel-qcow2-linux-1446385904add0e89f990ee0518434365e50ce86.zip

netfilter: nfnetlink_cthelper: Remove VLA usage

In preparation to enabling -Wvla, remove VLA and replace it with dynamic memory allocation. >From a security viewpoint, the use of Variable Length Arrays can be a vector for stack overflow attacks. Also, in general, as the code evolves it is easy to lose track of how big a VLA can get. Thus, we can end up having segfaults that are hard to debug. Also, fixed as part of the directive to remove all VLAs from the kernel: https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/netfilter/nf_tables_api.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: