op-kernel-dev - Development kernel branch for OpenPOWER systems

diff options

author	Gustavo A. R. Silva <gustavo@embeddedor.com>	2018-03-12 18:14:42 -0500
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-03-20 13:41:04 +0100
commit	8039ab43eeac029a9c47c0411918ea82c9ce87cd (patch)
tree	011831e1970bab8b521125d2be88c5694ab47922 /net/netfilter/nfnetlink_cthelper.c
parent	d719e3f21cf91d3f82bd827d46199ba41af2f73a (diff)
download	op-kernel-dev-8039ab43eeac029a9c47c0411918ea82c9ce87cd.zip op-kernel-dev-8039ab43eeac029a9c47c0411918ea82c9ce87cd.tar.gz

netfilter: cttimeout: remove VLA usage

In preparation to enabling -Wvla, remove VLA and replace it with dynamic memory allocation. >From a security viewpoint, the use of Variable Length Arrays can be a vector for stack overflow attacks. Also, in general, as the code evolves it is easy to lose track of how big a VLA can get. Thus, we can end up having segfaults that are hard to debug. Also, fixed as part of the directive to remove all VLAs from the kernel: https://lkml.org/lkml/2018/3/7/621 While at it, remove likely() notation which is not necessary from the control plane code. Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/netfilter/nfnetlink_cthelper.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: