On Wed, Jun 12, 2013 at 05:54:51PM +0200, Daniel Borkmann wrote: > These are the only calls under net/ that do not check nla_parse_nested() > for its error code, but simply continue execution. If parsing of netlink > attributes fails, we should return with an error instead of continuing. > In nearly all of these calls we have a policy attached, that is being > type verified during nla_parse_nested(), which we would miss checking > for otherwise. Applied, thanks Daniel. I'm going to run some tests, this may uncover wrong policies as they were not enforced. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
