Cover Letter Detail – Django REST framework

Show a cover letter.

GET /api/covers/2227282/?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2227282,
    "url": "http://patchwork.ozlabs.org/api/covers/2227282/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/cover/CAC-THR-m=VEy9N=xc_gBSySxESamwsLNWy4tBuuCXxZQ7qJfMw@mail.gmail.com/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<CAC-THR-m=VEy9N=xc_gBSySxESamwsLNWy4tBuuCXxZQ7qJfMw@mail.gmail.com>",
    "list_archive_url": null,
    "date": "2026-04-23T11:29:52",
    "name": "[0/1] netfilter: nfnetlink_queue: fix missing padding in NFQA_PAYLOAD attribute",
    "submitter": {
        "id": 93237,
        "url": "http://patchwork.ozlabs.org/api/people/93237/?format=api",
        "name": "Ramesh Adhikari",
        "email": "adhikari.resume@gmail.com"
    },
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/cover/CAC-THR-m=VEy9N=xc_gBSySxESamwsLNWy4tBuuCXxZQ7qJfMw@mail.gmail.com/mbox/",
    "series": [
        {
            "id": 501184,
            "url": "http://patchwork.ozlabs.org/api/series/501184/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=501184",
            "date": "2026-04-23T11:29:52",
            "name": "netfilter: nfnetlink_queue: fix missing padding in NFQA_PAYLOAD attribute",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/501184/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/covers/2227282/comments/",
    "headers": {
        "Return-Path": "\n <netfilter-devel+bounces-12154-incoming=patchwork.ozlabs.org@vger.kernel.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "netfilter-devel@vger.kernel.org"
        ],
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256\n header.s=20251104 header.b=N2lC3Pfo;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c04:e001:36c::12fc:5321; helo=tor.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12154-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)",
            "smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=\"N2lC3Pfo\"",
            "smtp.subspace.kernel.org;\n arc=pass smtp.client-ip=209.85.221.171",
            "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com",
            "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=gmail.com"
        ],
        "Received": [
            "from tor.lore.kernel.org (tor.lore.kernel.org\n [IPv6:2600:3c04:e001:36c::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g1Ymv6wsGz1yD5\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 23 Apr 2026 21:30:39 +1000 (AEST)",
            "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id B3ECB303431B\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 23 Apr 2026 11:30:09 +0000 (UTC)",
            "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id DC9C83E92A3;\n\tThu, 23 Apr 2026 11:30:07 +0000 (UTC)",
            "from mail-vk1-f171.google.com (mail-vk1-f171.google.com\n [209.85.221.171])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 38E083E9292\n\tfor <netfilter-devel@vger.kernel.org>; Thu, 23 Apr 2026 11:30:06 +0000 (UTC)",
            "by mail-vk1-f171.google.com with SMTP id\n 71dfb90a1353d-56dfd007d31so4015157e0c.3\n        for <netfilter-devel@vger.kernel.org>;\n Thu, 23 Apr 2026 04:30:06 -0700 (PDT)"
        ],
        "ARC-Seal": [
            "i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1776943807; cv=pass;\n b=MYKc72l5iIwpQlp+ZZsVTm7FTsVNCbF+Ea87RVFVOpklBr9Yadbs1PMaFF+itaDn0nXoqji5LOu/1p7u53sZicHLyDSy9JVxb18N10mvd6D0Wv+U0r7EkGj4tgxhFU54FV7rEDyf6A8E5rDnqcD60r0c0dNOLG5vEqhBhpPXPEw=",
            "i=1; a=rsa-sha256; t=1776943805; cv=none;\n        d=google.com; s=arc-20240605;\n        b=NGOzUvbZM9b544mTTwg25mjfBk2iX2wQcsh5kcU3ONHDovjf+GvuzeEueZ8l0COpSs\n         LF6a0Ua45tS8byMeun4DY/2yGbXI5+191B4vugephrFHbfqZziqcLufp4rriX2oxeBwn\n         WrMyVgJpY7qO2AgRLZPJKC5ZQqwJQYjwCK2Q1drn2PNddI/HkrWBmm6kP1LZzQHtIHSA\n         GXGcPhJpUQxa9YP3eAyajjqS78vDgGvaq4gBePi+pfIxgh1rjvbykKZtmIF/b6UNDW5n\n         os1S7JsLCwbCbVBPJZREoZFmVILGvNwGVPPjm24OjspPIZiw2yY1FJEW2QXjBAonckqL\n         aCWA=="
        ],
        "ARC-Message-Signature": [
            "i=2; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1776943807; c=relaxed/simple;\n\tbh=T4LShQj9jiOPwMnozdDj01/Lj+CiM23s8wcbkKMymDY=;\n\th=MIME-Version:From:Date:Message-ID:Subject:To:Cc:Content-Type;\n b=PRKgPXXPxa123ygHRXp1PiPFbQLmk2cgXfwejYs0844EvNd0YiZg6zzcZcOObZkY9RFwFfpdSkobJIqEcUr2OqmuG5NGa2nB8FtO4IYBKfI2HNLXhBjUKifDNzj017TwecFfN9OHTh0Q+BuEDZ0Dd05nQW+u7GJYD323jh8ML+0=",
            "i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;\n s=arc-20240605;\n        h=cc:to:subject:message-id:date:from:mime-version:dkim-signature;\n        bh=x58fs5tyz9iJ+tAmsZX43STXvFZsxV8FygOoUaHevxE=;\n        fh=i8nWucUDDcuJZrAc5F/lTqZ3W31vqALi8eeFadgPUj8=;\n        b=APqu2UJBVXLKO8H9Uu1KlPC1L94Z/xQLwo8CD5C4/PhjpuRtJSaIVbvN7JwQhzbSfo\n         Ptlw7NYBSasO8oBxL122o3wuyvxMODHWkv67iTwfCtlNuydDw97mImb+4Txc7eE7vQKG\n         QmLPkR+VIMkReNrXXl4cevBUT4hK5qHbu0NKTg2+OPU563LzPpXLCR6td+izpT/wcWqw\n         Je1O6gdV7suux4m/vSWYws8cCzLtLDM0On98be5V0bjw4xROImjb/LHE00GhPxaZH5s+\n         8jd1QaSb47eIpwbNg7bCpjBKS9ymi8vvJFMkbXj4OYKyV0uUmRMTFI4vRt22wkamVEQC\n         3lOQ==;\n        darn=vger.kernel.org"
        ],
        "ARC-Authentication-Results": [
            "i=2; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com;\n spf=pass smtp.mailfrom=gmail.com;\n dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=N2lC3Pfo; arc=pass smtp.client-ip=209.85.221.171",
            "i=1; mx.google.com; arc=none"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n        d=gmail.com; s=20251104; t=1776943805; x=1777548605;\n darn=vger.kernel.org;\n        h=cc:to:subject:message-id:date:from:mime-version:from:to:cc:subject\n         :date:message-id:reply-to;\n        bh=x58fs5tyz9iJ+tAmsZX43STXvFZsxV8FygOoUaHevxE=;\n        b=N2lC3Pfo4xx3nbbMu91DbwBGdjVxaOPAMMaraYosTxO8hSsNKg6iVY/7ChgBjBCYOA\n         oZwzEDS8xWkiMrjpN4f2RAqPqsp/CFALs9xcLqTjKen/1ii3nWSLCDwq2ucryFTbtzb5\n         x0WmkafrJVOW5OaYWtlygTCzd69WT8dHRp8/C4HJw4bL4lp5AQh4UPzwukzYdLpt9d7u\n         pHjhwvYKduq5Ux/wHh9m9xGvkiHZGEoD/lMoUGPydvBrdfutt1kDzLaHjsNmHXYWNDGD\n         EADC5/H5bWUW6InLER1oUXAxvJknafp8EHFBjRpH7XIfFcwL5FksyJe5cpFINJ4YWJoN\n         c3tQ==",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n        d=1e100.net; s=20251104; t=1776943805; x=1777548605;\n        h=cc:to:subject:message-id:date:from:mime-version:x-gm-gg\n         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;\n        bh=x58fs5tyz9iJ+tAmsZX43STXvFZsxV8FygOoUaHevxE=;\n        b=ck9ETxkmifhpDZeaxYweiBTK9vf7WS8WtFRBAmWzVxtCKddv2CqIcTyCBkxiNsDgK/\n         Jnu7jq4sl7QQoACQbbidSZSwktdzqhrNyxloyaPy2MFeggS+RH5vtfrG8QSIvrkcaP7B\n         +2wNZoJbA0BGJ2/nlOrYWRqIfw61KnknUgcN13E2prnVWKWVnv7LrTPU0QgM5wdAf1hV\n         wcEKtzQknuvQPcE+NC4C4rSkaNq2zx53JmWyDdJhilCqmAtTQ1COeDKeJ95RVbB8PpeN\n         bBaSsBNJbcmsGvgYwj8yAoaRMYNkjOKGS1e0TzCL5wt0noS0KBLt3HC1Md3cspGcH9Tv\n         Xh1w==",
        "X-Gm-Message-State": "AOJu0YxxwWpqjNYV14ZkE7pA5gTzH5Mb9k7Gjw7WfYSq0Wwn6sLvnnLq\n\t5GR/1j60o/XoGgCsRWN0wZkPOqRLykZXymVuzavFPQK7DAnePofrAOi+ovEFje7VCy77skMgAdf\n\tdkSsKrbfqKMiQsvM4g1ZbhmnpX4zjpz75Spo=",
        "X-Gm-Gg": "AeBDiev6tgn8JZFYb+kbuh8bKd29hfC7ng55raXu1pHyU2bvoD+0nqFHQdShurHfh92\n\tyPQUbLsKLpJStppciYAgKCxh0HAHEmS6DaiBAD7QFRIpUtbhgWZM+3gt7C+AYUs5UUgCko/Vlzp\n\t1qhSgbQieQD5JtLLAyZ9Pp8XQjRCxcIvE5PkyhOQai6hq49J3N3zkjnb5SVYo5MaQRfbVippEH9\n\tCzh5LRb8nq+rZTj05t/vF6SR96R8XF+RDs/7QWJzIn44yLbIiTYmibwQzb/nFVCuOiT9dRS+7LC\n\ttZCK6T8itaEMB3ccmsLozMWHG9vl+s7S33JJ7xcIQWUie8C5",
        "X-Received": "by 2002:a05:6122:d95:b0:56c:db9e:7d04 with SMTP id\n 71dfb90a1353d-56fa59b54cfmr13938953e0c.10.1776943804949; Thu, 23 Apr 2026\n 04:30:04 -0700 (PDT)",
        "Precedence": "bulk",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org",
        "List-Id": "<netfilter-devel.vger.kernel.org>",
        "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>",
        "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>",
        "MIME-Version": "1.0",
        "From": "Ramesh Adhikari <adhikari.resume@gmail.com>",
        "Date": "Thu, 23 Apr 2026 16:59:52 +0530",
        "X-Gm-Features": "AQROBzBgelQotVXV1c8ciDn0tPpiuCL74qxlCARfkOd-_4vqr4e8nowfr2krRa0",
        "Message-ID": "\n <CAC-THR-m=VEy9N=xc_gBSySxESamwsLNWy4tBuuCXxZQ7qJfMw@mail.gmail.com>",
        "Subject": "[PATCH 0/1] netfilter: nfnetlink_queue: fix missing padding in\n NFQA_PAYLOAD attribute",
        "To": "netfilter-devel@vger.kernel.org",
        "Cc": "pablo@netfilter.org",
        "Content-Type": "text/plain; charset=\"UTF-8\""
    },
    "content": "Hi Netfilter developers,\n\nI found a netlink attribute construction bug in nfnetlink_queue similar\nto the one recently fixed in nfnetlink_log (commit 52025ebaa29).\n\nISSUE:\nIn net/netfilter/nfnetlink_queue.c lines 894-899, the NFQA_PAYLOAD\nattribute is manually constructed without allocating padding bytes:\n\n    nla = skb_put(skb, sizeof(*nla));\n    nla->nla_type = NFQA_PAYLOAD;\n    nla->nla_len = nla_attr_size(data_len);\n    if (skb_zerocopy(skb, entskb, data_len, hlen))\n        goto nla_put_failure;\n\nThis allocates only (4 + data_len) bytes. For data_len=5, this is 9 bytes.\n\nHowever, nla_next() expects padding:\n    totlen = NLA_ALIGN(nla->nla_len);  // NLA_ALIGN(9) = 12\n\nThe netlink message is 3 bytes short of what the parser expects.\n\nPROOF:\nWith copy_range=5, captured netlink messages are 73 bytes (should be 76).\nThe message ends immediately after the 5th data byte with no padding.\n\nFIX:\nReplace manual construction with __nla_reserve(), like all other\nattributes in the file:\n\n    nla = __nla_reserve(skb, NFQA_PAYLOAD, data_len);\n    if (!nla)\n        goto nla_put_failure;\n    if (skb_zerocopy(skb, entskb, data_len, hlen))\n        goto nla_put_failure;\n\nIMPACT:\nCorrectness issue - violates netlink protocol. Could cause userspace\nparsers to misparse or crash if they don't check message boundaries.\n\nI can submit a formal patch if needed.\n\nBest regards,\nRamesh Adhikari\nSecurity Researcher\nhttps://iotsec.in"
}