Displaying 1 result from an estimated 1 matches for "free_argv".
Did you mean:
free_args
2017 Mar 17
2
[Bug 1131] New: iptables-restore crashes on some fuzzed input
...t have any security implication. I file this bug only because
crashing on any input (even carefully crafted) is considered undesirable
nowadays.
> iptables/iptables-restore.c:438
> ret = do_command4(newargc, newargv,
> &newargv[2], &handle, true);
<...>
> free_argv();
By passing &newargv[2] to do_command4() we assume that this pointer won't be
overwritten by the function. Otherwise, following call to free_argv() may crash
if the overwritten pointer is either malformed or have duplicates in the
newargv array. This pointer gets overwritten only when -t...