[NETFILTER]: nfnetlink_queue: fix computation of allocated size for netlink skb
Upstream commit cabaa9bf:
Size of the netlink skb was wrongly computed because the formula was using
NLMSG_ALIGN instead of NLMSG_SPACE. NLMSG_ALIGN does not add the room for
netlink header as NLMSG_SPACE does. This was causing a failure of message
building in some cases.
On my test system, all messages for packets in range [8*k+41, 8*k+48] where k
is an integer were invalid and the corresponding packets were dropped.
Signed-off-by: Eric Leblond <eric@xxxxxx>
Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
---
commit 26a01f41cb49b1d5d75832d50ac7ab6def468e37
tree b1be993bc991a756a02da285e4cb9fff9c024ec2
parent 2cfc500a853497da88ca6b097873bcb0de65e764
author Eric Leblond <eric@xxxxxx> Mon, 17 Mar 2008 15:30:13 +0100
committer Patrick McHardy <kaber@xxxxxxxxx> Mon, 17 Mar 2008 15:30:13 +0100
net/netfilter/nfnetlink_queue.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 3ceeffc..15a7de2 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -353,7 +353,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
QDEBUG("entered\n");
- size = NLMSG_ALIGN(sizeof(struct nfgenmsg))
+ size = NLMSG_SPACE(sizeof(struct nfgenmsg))
+ nla_total_size(sizeof(struct nfqnl_msg_packet_hdr))
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
