Re: [PATCH v2] nfnetlink_queue: add security context information

Roman Kubiak <r.kubiak@xxxxxxxxxxx> wrote:
> I was wondering, assuming I remove the NULL termination and SMACK sends a piece of data that's not null terminated,
> how, on the userland side, can I find out about that size?

The size of a netlink attribute is stored in the netlink header.
For the old libnfnetlink-based API, see nfq_get_payload() in
libnetfilter_queue.

> Please notice that I sent a libnetfilter_queue patch:
> [PATCH] libnetfitler_queue: receive security context info
> 
> it uses
> *secdata = (unsigned char *)nfnl_get_pointer_to_data(nfad->data, NFQA_SECCTX, char);
> to get the security context data, but there is no info about the size. Where can I find that, so as not to go over bounds and read beyond what I should?

NFA_PAYLOAD(nfad->data[NFQA_SECCTX - 1])

For the libmnl-based API (preferred), you'd use

mnl_attr_get_payload_len(attr[NFQA_SECCTX])
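The bounds question in this thread, as an added example that is not part of the original messages or of libnetfilter_queue: a receiver that takes the security context length from the attribute's own length field, checks it against the bytes actually received, and adds the terminator locally. The names `attr_hdr`, `copy_secctx` and `parse_sample` are hypothetical, `attr_hdr` is assumed to mirror the kernel's `struct nlattr` layout, and the sample buffer is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical local type with the same layout as the kernel's struct nlattr. */
struct attr_hdr {
    uint16_t len;  /* header + payload bytes, padding not included */
    uint16_t type;
};
#define ATTR_HDRLEN 4u

/* Copy an attribute's payload into out as a C string, trusting only the
 * length field after checking it against the bytes actually received.
 * Returns the payload length, or -1 if the attribute is malformed or too big. */
int copy_secctx(const uint8_t *buf, size_t buflen, char *out, size_t outlen)
{
    struct attr_hdr h;

    if (buflen < ATTR_HDRLEN)
        return -1;
    memcpy(&h, buf, sizeof(h));
    if (h.len < ATTR_HDRLEN || h.len > buflen)
        return -1;                       /* length field lies about the buffer */
    size_t plen = h.len - ATTR_HDRLEN;
    if (outlen == 0 || plen > outlen - 1)
        return -1;                       /* no room for payload plus our NUL */
    memcpy(out, buf + ATTR_HDRLEN, plen);
    out[plen] = '\0';                    /* terminate locally, not on the wire */
    return (int)plen;
}

char last_ctx[32];

/* Constructed sample: a 5-byte label "_web_" with no NUL, followed by filler. */
int parse_sample(uint16_t claimed_len)
{
    uint8_t buf[16];
    struct attr_hdr h = { claimed_len, 1 /* constructed type value */ };

    memset(buf, 'X', sizeof(buf));
    memcpy(buf, &h, sizeof(h));
    memcpy(buf + ATTR_HDRLEN, "_web_", 5);
    return copy_secctx(buf, sizeof(buf), last_ctx, sizeof(last_ctx));
}

int main(void)
{
    printf("%d \"%s\"\n", parse_sample(ATTR_HDRLEN + 5), last_ctx);
    printf("%d\n", parse_sample(200));   /* claims more than was received */
    return 0;
}
```

Calling `strlen()` on the raw payload in the sample buffer would run into the filler bytes, which is the out-of-bounds read the question is about.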



