| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 10 Jul 2010 12:16:04 +0900 From: Simon Horman <horms@...ge.net.au> To: netfilter-devel@...r.kernel.org, netdev@...r.kernel.org Cc: Patrick McHardy <kaber@...sh.net> Subject: [patch] netfilter: default to NF_DROP in sip_help_tcp() I initially noticed this because of the compiler warning below, but it does seem to be a valid concern in the case where ct_sip_get_header() returns 0 in the first iteration of the while loop. net/netfilter/nf_conntrack_sip.c: In function 'sip_help_tcp': net/netfilter/nf_conntrack_sip.c:1379: warning: 'ret' may be used uninitialized in this function Signed-off-by: Simon Horman <horms@...ge.net.au> Index: nf-next-2.6/net/netfilter/nf_conntrack_sip.c =================================================================== --- nf-next-2.6.orig/net/netfilter/nf_conntrack_sip.c 2010-07-10 12:11:52.000000000 +0900 +++ nf-next-2.6/net/netfilter/nf_conntrack_sip.c 2010-07-10 12:11:57.000000000 +0900 @@ -1376,7 +1376,7 @@ static int sip_help_tcp(struct sk_buff * unsigned int msglen, origlen; const char *dptr, *end; s16 diff, tdiff = 0; - int ret; + int ret = NF_DROP; typeof(nf_nat_sip_seq_adjust_hook) nf_nat_sip_seq_adjust; if (ctinfo != IP_CT_ESTABLISHED && -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists