On 5 May 2026, at 17:59, Mike Pattrick via dev wrote:

> In parse_conntrack_action(), the ct_nat_params struct is declared
> without initialization.  The snat and dnat fields are only set when
> the user explicitly specifies "src" or "dst" in the NAT configuration.
> However, the validation checks that both snat and dnat are not
> simultaneously true, which will read these fields regardless of user
> input.
>
> Initialize snat and dnat to false at declaration to ensure these fields
> have defined values before any reads occur.
>
> Found with clang analyze.
>
> Fixes: 9ac0aadab9f9 ("conntrack: Add support for NAT.")
> Acked-by: Eelco Chaudron [email protected]

Still good, but ACK-ed by tag seems wrong;

Acked-by: Eelco Chaudron <[email protected]>

> Signed-off-by: Mike Pattrick <[email protected]>

_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
