git.ipfire.org Git - thirdparty/nftables.git/commit

]> git.ipfire.org Git - thirdparty/nftables.git/commit

projects / thirdparty / nftables.git / commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 26 Nov 2015 15:20:55 +0000 (16:20 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Sat, 28 Nov 2015 12:48:37 +0000 (13:48 +0100)
commit	972b03b43de3c896a0ff158110f0e7d978e7192e
tree	fd9b28691a2aefccf08fea68e4e863287b11afdd	tree \| snapshot
parent	947b4fe19a742057093341975b4e33c962ef1446	commit \| diff

netlink_delinearize: fix use-after-free

We have to clone the payload expression before attaching it to the lhs
of the relational expression, this payload expression is located at the
lhs of the binary operation that is released thereafter.

Fixes: 39f15c2 ("nft: support listing expressions that use non-byte header fields")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

src/netlink_delinearize.c

diff | blob | blame | history

Mirror of git://git.netfilter.org/nftables

RSS Atom