obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data()
authorPhil Sutter <phil@nwl.cc>
Fri, 4 Oct 2019 19:44:14 +0000 (21:44 +0200)
committerPhil Sutter <phil@nwl.cc>
Tue, 15 Oct 2019 17:34:12 +0000 (19:34 +0200)
Array 'tb' has only 'attr_max' elements, the loop overstepped its
boundary by one. Copy array_size() macro from include/utils.h in
nftables.git to make sure code does the right thing.

Fixes: 0adceeab1597a ("src: add ct timeout support")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/utils.h
src/obj/ct_timeout.c

index 3cc659652fe2e1a3a20200e3155348f7d65b73ad..91fbebb1956fd35d740cd713baa758c3d32dd953 100644 (file)
@@ -58,6 +58,14 @@ void __nftnl_assert_attr_exists(uint16_t attr, uint16_t attr_max,
                ret = remain;                           \
        remain -= ret;                                  \
 
+
+#define BUILD_BUG_ON_ZERO(e)   (sizeof(char[1 - 2 * !!(e)]) - 1)
+
+#define __must_be_array(a) \
+       BUILD_BUG_ON_ZERO(__builtin_types_compatible_p(typeof(a), typeof(&a[0])))
+
+#define array_size(arr)                (sizeof(arr) / sizeof((arr)[0]) + __must_be_array(arr))
+
 const char *nftnl_family2str(uint32_t family);
 int nftnl_str2family(const char *family);
 
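Review bot: `__must_be_array` expands its argument unparenthesized in `typeof(&a[0])`, while `array_size` itself writes `(arr)[0]`; `typeof(&(a)[0])` keeps the two consistent and stops an expression argument from binding differently. The new macros also carry no comment, although the pointer guard is the reason to prefer `array_size` over an open-coded `sizeof` division. A line such as `/* array_size(): element count of a true array; compilation fails if given a pointer */` above it would tell callers that. The same comment should mention that both helpers rely on the GNU extensions `typeof` and `__builtin_types_compatible_p`.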
index a439432deee183df6c878d9663143aff3002d566..a09e25ae5d44f8f1d1cb07abc8d27e80ea510f32 100644 (file)
@@ -134,7 +134,7 @@ timeout_parse_attr_data(struct nftnl_obj *e,
        if (mnl_attr_parse_nested(nest, parse_timeout_attr_policy_cb, &cnt) < 0)
                return -1;
 
-       for (i = 1; i <= attr_max; i++) {
+       for (i = 1; i < array_size(tb); i++) {
                if (tb[i]) {
                        nftnl_timeout_policy_attr_set_u32(e, i-1,
                                ntohl(mnl_attr_get_u32(tb[i])));
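Review bot: With the bound `i < array_size(tb)` the loop no longer reads the slot for the highest attribute type: indices start at 1 and map to policy index `i-1`, so if `tb` holds `attr_max` elements, as the commit message says, type `attr_max` is dropped rather than parsed. The declaration of `tb` and the callback `parse_timeout_attr_policy_cb` are outside the hunk, so this has to be checked there; if the callback stores into `tb[type]` for types up to and including `attr_max`, the write side would still overstep the array even though the read side is now bounded. Declaring the array as `tb[attr_max + 1]` and bounding the callback by the same count would cover both ends and keep the last attribute. It is also worth confirming that `i` is unsigned, since `array_size()` yields a `size_t`.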