[lnf-queue PATCH] nlmsg: add lacking attributes validation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch adds four (actually two) attributes validation with
comparing to current kernel header.

Signed-off-by: Ken-ichirou MATSUZAWA <chamas@xxxxxxxxxxxxx>
---
 src/nlmsg.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/nlmsg.c b/src/nlmsg.c
index cabd8be..ba28c77 100644
--- a/src/nlmsg.c
+++ b/src/nlmsg.c
@@ -140,6 +140,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
 	case NFQA_SECCTX:
 	case NFQA_UID:
 	case NFQA_GID:
+	case NFQA_CT_INFO:
 		if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
 			return MNL_CB_ERROR;
 		break;
@@ -155,7 +156,15 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
 			return MNL_CB_ERROR;
 		}
 		break;
+	case NFQA_PACKET_HDR:
+		if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
+		    sizeof(struct nfqnl_msg_packet_hdr)) < 0) {
+			return MNL_CB_ERROR;
+		}
+		break;
 	case NFQA_PAYLOAD:
+	case NFQA_CT:
+	case NFQA_EXP:
 		break;
 	}
 	tb[type] = attr;
-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux