netfilter: cttimeout: remove VLA usage - openslx/kernel-qcow2-linux.git

diff options

author	Gustavo A. R. Silva	2018-03-13 00:14:42 +0100
committer	Pablo Neira Ayuso	2018-03-20 13:41:04 +0100
commit	8039ab43eeac029a9c47c0411918ea82c9ce87cd (patch)
tree	011831e1970bab8b521125d2be88c5694ab47922 /net/netfilter/nfnetlink_cthelper.c
parent	netfilter: nft_ct: add NFT_CT_{SRC,DST}_{IP,IP6} (diff)
download	kernel-qcow2-linux-8039ab43eeac029a9c47c0411918ea82c9ce87cd.tar.gz kernel-qcow2-linux-8039ab43eeac029a9c47c0411918ea82c9ce87cd.tar.xz kernel-qcow2-linux-8039ab43eeac029a9c47c0411918ea82c9ce87cd.zip

netfilter: cttimeout: remove VLA usage

In preparation to enabling -Wvla, remove VLA and replace it with dynamic memory allocation. >From a security viewpoint, the use of Variable Length Arrays can be a vector for stack overflow attacks. Also, in general, as the code evolves it is easy to lose track of how big a VLA can get. Thus, we can end up having segfaults that are hard to debug. Also, fixed as part of the directive to remove all VLAs from the kernel: https://lkml.org/lkml/2018/3/7/621 While at it, remove likely() notation which is not necessary from the control plane code. Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/netfilter/nfnetlink_cthelper.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: