From 804df63f74345bc865015c768d29cb57b3b14a1f Mon Sep 17 00:00:00 2001
From: Richard Fuchs
Date: Mon, 2 Oct 2023 10:28:26 -0400
Subject: [PATCH] MT#57371 use non-local storage for nft target info Setting the target info of an `expr` object doesn't result on the data being copied by libnftnl (unlike other objects). Use static storage to fix invalid pointer usage. Reported in #984 Closes #1731 Change-Id: Ic5c156a83504a24fb618d770ba53cd1ec4fb2435
---
 daemon/nftables.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/daemon/nftables.c b/daemon/nftables.c
index c826cbecb..055ea6285 100644
--- a/daemon/nftables.c
+++ b/daemon/nftables.c
@@ -59,6 +59,9 @@ struct add_rule_callbacks {
  const char *chain;
  const char *base_chain;
  int table;
+
+ // intermediate storage area
+ struct xt_rtpengine_info rtpe_target_info;
 };
@@ -337,7 +340,6 @@ static const char *add_rule(struct mnl_socket *nl, int family, uint32_t *seq,
  return batch_request("add rule", nl, family, seq, NFT_MSG_NEWRULE, NLM_F_APPEND | NLM_F_CREATE, nftnl_rule_nlmsg_build_payload, r);
-
 }
@@ -405,9 +407,9 @@ static const char *rtpe_target(struct nftnl_rule *r, int family, struct add_rule
  nftnl_expr_set_str(e, NFTNL_EXPR_TG_NAME, "RTPENGINE");
  nftnl_expr_set_u32(e, NFTNL_EXPR_TG_REV, 0);
- struct xt_rtpengine_info info = { .id = callbacks->table };
+ callbacks->rtpe_target_info = (struct xt_rtpengine_info) { .id = callbacks->table };
- nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, &info, sizeof(info));
+ nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, &callbacks->rtpe_target_info, sizeof(callbacks->rtpe_target_info));
  nftnl_rule_add_expr(r, e);
  e = NULL;
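Review bot: The comment on the new `rtpe_target_info` member in `struct add_rule_callbacks` does not record the constraint that makes the field necessary. Per the commit message the nft expression keeps the caller's pointer instead of copying the data, so this member has to stay valid for as long as the rule built from it is alive. I would replace `// intermediate storage area` with `// target info referenced (not copied) by the nft target expr; must remain valid until the rule has been sent and freed`. The commit message also speaks of "static storage", while a struct member only lives as long as the enclosing `add_rule_callbacks` object, whose allocation is not visible here; the struct definition begins outside this hunk.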
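Review bot: In `rtpe_target`, the pointer passed to `nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, ...)` now points into `*callbacks`, so the fix only holds if that object outlives `r` through the `batch_request` call in `add_rule`, which this hunk does not show. As far as I know libnftnl's target expression also takes ownership of the info pointer and releases it with `free()` when the expression is destroyed; please confirm against the libnftnl version in use. If that is the case, an interior pointer into a struct would be handed to `free()`, trading the dangling stack pointer for an invalid free. A heap buffer whose ownership passes to the expression avoids both: `struct xt_rtpengine_info *info = calloc(1, sizeof(*info));`, a NULL check, `info->id = callbacks->table;`, then `nftnl_expr_set(e, NFTNL_EXPR_TG_INFO, info, sizeof(*info));`. The body of `rtpe_target` starts and ends outside the hunk.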