Re: [PATCH net-next] netfilter: nf_tables: check msg_type before nft_trans_set(trans)
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: 2018-06-01 08:14:15
Also in:
netfilter-devel
On Thu, May 31, 2018 at 09:07:31PM +0200, Florian Westphal wrote:
Alexey Kodanev [off-list ref] wrote:quoted
The patch moves the "trans->msg_type == NFT_MSG_NEWSET" check before using nft_trans_set(trans). Otherwise we can get out of bounds read.Indeed, thanks for fixining this. Acked-by: Florian Westphal <fw@strlen.de>
Also applied to nf.git, thanks!