diff options
author | David S. Miller <davem@davemloft.net> | 2020-08-24 06:37:05 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2020-08-24 06:37:05 -0700 |
commit | a26aea2010601920ad3e61abdc22ad38a805be94 (patch) | |
tree | a991be9108835cddadab46c509aecf234e644003 /net/netfilter/nft_payload.c | |
parent | net: systemport: Fix memleak in bcm_sysport_probe (diff) | |
parent | netfilter: nf_tables: fix destination register zeroing (diff) | |
download | wireguard-linux-a26aea2010601920ad3e61abdc22ad38a805be94.tar.xz wireguard-linux-a26aea2010601920ad3e61abdc22ad38a805be94.zip |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for net:
1) Don't flag SCTP heartbeat as invalid for re-used connections,
from Florian Westphal.
2) Bogus overlap report due to rbtree tree rotations, from Stefano Brivio.
3) Detect partial overlap with start end point match, also from Stefano.
4) Skip netlink dump of NFTA_SET_USERDATA is unset.
5) Incorrect nft_list_attributes enumeration definition.
6) Missing zeroing before memcpy to destination register, also
from Florian.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter/nft_payload.c')
-rw-r--r-- | net/netfilter/nft_payload.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c index ed7cb9f747f6..7a2e59638499 100644 --- a/net/netfilter/nft_payload.c +++ b/net/netfilter/nft_payload.c @@ -87,7 +87,9 @@ void nft_payload_eval(const struct nft_expr *expr, u32 *dest = ®s->data[priv->dreg]; int offset; - dest[priv->len / NFT_REG32_SIZE] = 0; + if (priv->len % NFT_REG32_SIZE) + dest[priv->len / NFT_REG32_SIZE] = 0; + switch (priv->base) { case NFT_PAYLOAD_LL_HEADER: if (!skb_mac_header_was_set(skb)) |