[Bug 1331] New: libiptc.c: missing memset causes that the garbage is read

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Apr 4 14:03:38 CEST 2019


https://bugzilla.netfilter.org/show_bug.cgi?id=1331

            Bug ID: 1331
           Summary: libiptc.c: missing memset causes that the garbage is
                    read
           Product: iptables
           Version: unspecified
          Hardware: x86_64
                OS: SuSE Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: iptables
          Assignee: netfilter-buglog at lists.netfilter.org
          Reporter: kstreitova at suse.com

Created attachment 562
  --> https://bugzilla.netfilter.org/attachment.cgi?id=562&action=edit
iptables-1.8.2-dont_read_garbage.patch

Hello,

In SUSE we bumped into a bug where iptables doesn't work with our
kernel-default-base package, which was missing the bpfilter module:

https://bugzilla.suse.com/show_bug.cgi?id=1106751

As a part of this bug, Fabian Vogt discovered that this was actually handled
wrongly also in iptables itself as a missing memset(&info, 0, sizeof(info)); in
libiptc.c caused it to read garbage.

He proposed a patch that I'm attaching.

For more information please read the mentioned bug (mainly comments 0, 1, 6).

Thanks!

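The failure mode named in the report, as an added example that is neither the attached patch nor libiptc code: a query that reports success without writing a reply leaves the caller reading whatever the buffer already held. `struct table_info`, the `query_*` backends and the `load_*` functions are hypothetical, the 0xAA fill is a constructed stand-in for stale stack contents, and the empty-reply check in `load_safe` is an assumption of this example beyond the `memset` the report mentions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical reply struct that a getsockopt()-style query fills in. */
struct table_info {
    char name[32];
    unsigned int valid_hooks, num_entries, size;
};
typedef int (*query_fn)(struct table_info *);

/* Hypothetical backend that returns success but writes nothing. */
static int query_noop(struct table_info *info) { (void)info; return 0; }
/* Hypothetical working backend; the values are constructed. */
static int query_ok(struct table_info *info) {
    info->valid_hooks = 0x0e; info->num_entries = 4; info->size = 656;
    return 0;
}
/* Constructed stand-in for stale stack bytes, so the demo is deterministic. */
static void poison(struct table_info *info) { memset(info, 0xAA, sizeof(*info)); }

/* Before: only the name is set, so a silent backend leaves garbage in size. */
unsigned int load_unsafe(query_fn q, const char *table) {
    struct table_info info;
    poison(&info);
    strncpy(info.name, table, sizeof(info.name) - 1);
    info.name[sizeof(info.name) - 1] = '\0';
    if (q(&info) < 0) return 0;
    return info.size;               /* trusted as an allocation size later */
}

/* After: zero the struct first, then refuse a reply that is still empty. */
int load_safe(query_fn q, const char *table, unsigned int *size_out) {
    struct table_info info;
    poison(&info);
    memset(&info, 0, sizeof(info)); /* the memset the report says was missing */
    strncpy(info.name, table, sizeof(info.name) - 1);
    if (q(&info) < 0) return -1;
    if (info.size == 0 || info.valid_hooks == 0) return -1; /* nothing written */
    *size_out = info.size;
    return 0;
}

int main(void) {
    unsigned int sz = 0;
    printf("unsafe, silent backend: size=0x%x\n", load_unsafe(query_noop, "filter"));
    printf("safe, silent backend:   rc=%d\n", load_safe(query_noop, "filter", &sz));
    printf("safe, working backend:  rc=%d size=%u\n", load_safe(query_ok, "filter", &sz), sz);
    return 0;
}
```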