diff options
author | Gustavo A. R. Silva <gustavo@embeddedor.com> | 2018-03-12 18:14:42 -0500 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-20 13:41:04 +0100 |
commit | 8039ab43eeac029a9c47c0411918ea82c9ce87cd (patch) | |
tree | 011831e1970bab8b521125d2be88c5694ab47922 /net/netfilter/nfnetlink_cthelper.c | |
parent | d719e3f21cf91d3f82bd827d46199ba41af2f73a (diff) | |
download | op-kernel-dev-8039ab43eeac029a9c47c0411918ea82c9ce87cd.zip op-kernel-dev-8039ab43eeac029a9c47c0411918ea82c9ce87cd.tar.gz |
netfilter: cttimeout: remove VLA usage
In preparation to enabling -Wvla, remove VLA and replace it
with dynamic memory allocation.
>From a security viewpoint, the use of Variable Length Arrays can be
a vector for stack overflow attacks. Also, in general, as the code
evolves it is easy to lose track of how big a VLA can get. Thus, we
can end up having segfaults that are hard to debug.
Also, fixed as part of the directive to remove all VLAs from
the kernel: https://lkml.org/lkml/2018/3/7/621
While at it, remove likely() notation which is not necessary from the
control plane code.
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nfnetlink_cthelper.c')
0 files changed, 0 insertions, 0 deletions