Message ID | 20150911015452.GA6310@gmail.com |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
On Fri, Sep 11, 2015 at 10:54:53AM +0900, Ken-ichirou MATSUZAWA wrote: > This patch adds four (actually two) attributes validation with > comparing to current kernel header. Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/src/nlmsg.c b/src/nlmsg.c index cabd8be..ba28c77 100644 --- a/src/nlmsg.c +++ b/src/nlmsg.c @@ -140,6 +140,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data) case NFQA_SECCTX: case NFQA_UID: case NFQA_GID: + case NFQA_CT_INFO: if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) return MNL_CB_ERROR; break; @@ -155,7 +156,15 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data) return MNL_CB_ERROR; } break; + case NFQA_PACKET_HDR: + if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC, + sizeof(struct nfqnl_msg_packet_hdr)) < 0) { + return MNL_CB_ERROR; + } + break; case NFQA_PAYLOAD: + case NFQA_CT: + case NFQA_EXP: break; } tb[type] = attr;
This patch adds four (actually two) attributes validation with comparing to current kernel header. Signed-off-by: Ken-ichirou MATSUZAWA <chamas@h4.dion.ne.jp> --- src/nlmsg.c | 9 +++++++++ 1 file changed, 9 insertions(+)