Re: [PATCH] netfilter: conntrack: Use memset_startat() to zero struct nf_conn

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: 2021-11-30 21:50:51
Also in: lkml, netdev, netfilter-devel

On Thu, Nov 18, 2021 at 12:31:13PM -0800, Kees Cook wrote:

In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memset(), avoid intentionally writing across
neighboring fields.

Use memset_startat() to avoid confusing memset() about writing beyond
the target struct member.

Applied to nf-next, thanks

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help