[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter-devel
Subject:    Re: [PATCH] netfilter: conntrack: Use memset_startat() to zero struct nf_conn
From:       Pablo Neira Ayuso <pablo () netfilter ! org>
Date:       2021-11-30 21:49:42
Message-ID: Yaacdlj7UX1StO5Y () salvia
[Download RAW message or body]

On Thu, Nov 18, 2021 at 12:31:13PM -0800, Kees Cook wrote:
> In preparation for FORTIFY_SOURCE performing compile-time and run-time
> field bounds checking for memset(), avoid intentionally writing across
> neighboring fields.
> 
> Use memset_startat() to avoid confusing memset() about writing beyond
> the target struct member.

Applied to nf-next, thanks
[prev in list] [next in list] [prev in thread] [next in thread]