Hi,

The plan is to deprecate all the "untyped setters" (i.e., most of nftnl_*_set()) since they accept a data pointer without length so no data length validation may happen. In the same effort, said validation should be added where missing.

While working on this for objects, I noticed a potential problem with nftnl_obj_set():

| void nftnl_obj_set(struct nftnl_obj *obj, uint16_t attr, const void *data)
| {
| 	nftnl_obj_set_data(obj, attr, data, nftnl_obj_validate[attr]);
| }

Callers pass some specific object's attribute to the function, e.g. NFTNL_OBJ_QUOTA_FLAGS. Unless I miss something, this leads to overstepping of nftnl_obj_validate array bounds which is defined with a size of NFTNL_OBJ_MAX.

Anyway, when adding validation to the specific object types in src/obj/*.c, I broke the above function since it passes bogus data_len. The only way to keep this functional is to make max attr value and validate array accessible from src/object.c, thereby performing the validation for all object types in a common place.

Doing so I added 'uint32_t *validate' field to struct obj_ops and assumed max_attr field is already what I need - which is wrong: max_attr holds the max NFTA_* value, not NFTNL_OBJ_* one which I need.

Long story short: Should I add a new field or can I reuse max_attr which apparently is otherwise unused?

Cheers, Phil
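
A simplified model of the common-place validation discussed in the message above, as an added example that is neither part of the original message nor libnftnl code. Every name in it (obj_set_data, the obj_ops fields attr_end and validate, the OBJ_*/QUOTA_* values) is hypothetical; the attribute is range-checked against the generic table and then against the object type's own limit before either length table is indexed.

```c
#include <stdint.h>
#include <string.h>
/* Simplified model; every name here is hypothetical, not libnftnl's. */
enum { OBJ_HANDLE, OBJ_BASE_MAX };                           /* generic attrs */
enum { QUOTA_BYTES = OBJ_BASE_MAX, QUOTA_FLAGS, QUOTA_MAX }; /* per-type attrs */
struct obj_ops {
	uint16_t        attr_end;  /* one past the highest per-type attribute */
	const uint32_t *validate;  /* expected length, indexed from OBJ_BASE_MAX */
};
struct obj {
	const struct obj_ops *ops;
	uint64_t handle, quota_bytes;
	uint32_t quota_flags;
};
static const uint32_t base_validate[OBJ_BASE_MAX] = { [OBJ_HANDLE] = sizeof(uint64_t) };
static const uint32_t quota_validate[QUOTA_MAX - OBJ_BASE_MAX] = {
	[QUOTA_BYTES - OBJ_BASE_MAX] = sizeof(uint64_t),
	[QUOTA_FLAGS - OBJ_BASE_MAX] = sizeof(uint32_t),
};
static const struct obj_ops quota_ops = { QUOTA_MAX, quota_validate };

/* Returns 0 on success, -1 for an out-of-range attr or a wrong data length. */
int obj_set_data(struct obj *o, uint16_t attr, const void *data, uint32_t len)
{
	uint32_t want;
	if (attr < OBJ_BASE_MAX)
		want = base_validate[attr];
	else if (o->ops && attr < o->ops->attr_end)
		want = o->ops->validate[attr - OBJ_BASE_MAX];
	else
		return -1;         /* attr would index past both tables */
	if (want != len)
		return -1;         /* caller's length does not match the attribute */
	switch (attr) {
	case OBJ_HANDLE:  memcpy(&o->handle, data, len); break;
	case QUOTA_BYTES: memcpy(&o->quota_bytes, data, len); break;
	case QUOTA_FLAGS: memcpy(&o->quota_flags, data, len); break;
	}
	return 0;
}

int main(void)
{
	struct obj o = { .ops = &quota_ops };
	uint32_t flags = 1;
	/* Exit status 0: in-range attr accepted, out-of-range attr refused. */
	return !(obj_set_data(&o, QUOTA_FLAGS, &flags, sizeof(flags)) == 0 &&
	         obj_set_data(&o, QUOTA_MAX, &flags, sizeof(flags)) == -1);
}
```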