[PATCH] Avoid using freed memory in iptables.c
Harald Welte
laforge at netfilter.org
Fri Jul 29 15:09:45 CEST 2005
On Mon, Jul 18, 2005 at 05:53:37PM +0200, Marcus Sundberg wrote:
> The call to free_opts() in merge_options() is invalid C. The oldopts
> argument always refers to the memory pointed to by the opts global,
> which may be freed by the call to free_opts(), but oldopts is used
> after the free_opts() call. This patch makes sure we don't use freed
> memory.
thanks, I finally merged your important fix today (and also fixed
ip6tables.c). I think iptables-1.3.3 should be released any day now.
--
- Harald Welte <laforge at netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20050729/43336539/attachment.bin
More information about the netfilter-devel
mailing list