bugzilla-daemon at netfilter.org
2019-Apr-04 12:03 UTC
[Bug 1331] New: libiptc.c: missing memset causes that the garbage is read
https://bugzilla.netfilter.org/show_bug.cgi?id=1331
Bug ID: 1331
Summary: libiptc.c: missing memset causes that the garbage is
read
Product: iptables
Version: unspecified
Hardware: x86_64
OS: SuSE Linux
Status: NEW
Severity: minor
Priority: P5
Component: iptables
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: kstreitova at suse.com
Created attachment 562
--> https://bugzilla.netfilter.org/attachment.cgi?id=562&action=edit
iptables-1.8.2-dont_read_garbage.patch
Hello,
In SUSE we bumped into a bug where iptables doesn't work with our
kernel-default-base package that was missing bpfilter module:
https://bugzilla.suse.com/show_bug.cgi?id=1106751
As a part of this bug, Fabian Vogt discovered that this was actually handled
wrongly also in iptables itself as a missing memset(&info, 0, sizeof(info));
in
libiptc.c caused it to read garbage.
He proposed a patch that I'm attaching.
For more information please read the mentioned bug (mainly comments 0, 1, 6).
Thanks!
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190404/ced24ab7/attachment.html>
Possibly Parallel Threads
- [Bug 1067] New: Compilation failure on Linux 4.5.x when including libiptc/libiptc.h
- [Bug 638] New: make libiptc a public interface
- [Bug 826] New: libiptc/libip6tc.h doesn't specify C linkage
- [Bug 1289] New: iptables build fails with kernel 4.20-rc1 - gnu_inline attributes
- [Bug 1275] New: if IPTC_DEBUG is defined, compiler reports errors
Wisdom of the Ancients
