object: Avoid obj_ops array overrun

In version 1.1.1, obj_ops array was smaller than __NFT_OBJECT_MAX since
there are no ops for NFT_OBJECT_CONNLIMIT. Avoid this potential issue in
the future by defining the array size.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/object.c b/src/object.c
index e88203a82441eced1a41905528438c7fa19ccbf9..5c8d1835ca97ee207c7517df31fd36ac5de948b9 100644 (file)
--- a/src/object.c
+++ b/src/object.c
@@ -25,7 +25,7 @@
 #include <buffer.h>
 #include "obj.h"
 
-static struct obj_ops *obj_ops[] = {
+static struct obj_ops *obj_ops[__NFT_OBJECT_MAX] = {
        [NFT_OBJECT_COUNTER]    = &obj_ops_counter,
        [NFT_OBJECT_QUOTA]      = &obj_ops_quota,
        [NFT_OBJECT_CT_HELPER]  = &obj_ops_ct_helper,