]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit
projects / mirror_ubuntu-artful-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1158343) | patch
netfilter: nft_fib_ipv4: initialize *dest to zero
authorLiping Zhang <zlpnobody@gmail.com>
Wed, 23 Nov 2016 14:12:21 +0000 (22:12 +0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 6 Dec 2016 20:42:21 +0000 (21:42 +0100)
commite0ffdbc78d84e1da090f03ab62da3def0e65159e
treec93f76d2219fe8b7da2c3e18a958b2c6b6ba3074tree
parent11583438b73fbc9117ff8afcbde8c934d0d63713commit | diff
netfilter: nft_fib_ipv4: initialize *dest to zero

Otherwise, if fib lookup fail, *dest will be filled with garbage value,
so reverse path filtering will not work properly:
 # nft add rule x prerouting fib saddr oif eq 0 drop

Fixes: f6d0cbcf09c5 ("netfilter: nf_tables: add fib expression")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/ipv4/netfilter/nft_fib_ipv4.c diff | blob | blame | history
Ubuntu Artful kernel mirror