netfilter: nfnetlink: cleanup for nfnetlink_rcv_msg() function
This patch cleans up the message handling path in two aspects: * it uses NLMSG_LENGTH() instead of NLMSG_SPACE() like rtnetlink does in this case to check if there is enough room for the Netlink/nfnetlink headers. No need to check for the padding room. * it removes a redundant header size checking that has been already do at the beginning of the function. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
874ab9233e
commit
f49c857ff2
@ -136,7 +136,7 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
|
|||||||
return -EPERM;
|
return -EPERM;
|
||||||
|
|
||||||
/* All the messages must at least contain nfgenmsg */
|
/* All the messages must at least contain nfgenmsg */
|
||||||
if (nlh->nlmsg_len < NLMSG_SPACE(sizeof(struct nfgenmsg)))
|
if (nlh->nlmsg_len < NLMSG_LENGTH(sizeof(struct nfgenmsg)))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
type = nlh->nlmsg_type;
|
type = nlh->nlmsg_type;
|
||||||
@ -160,19 +160,14 @@ replay:
|
|||||||
{
|
{
|
||||||
int min_len = NLMSG_SPACE(sizeof(struct nfgenmsg));
|
int min_len = NLMSG_SPACE(sizeof(struct nfgenmsg));
|
||||||
u_int8_t cb_id = NFNL_MSG_TYPE(nlh->nlmsg_type);
|
u_int8_t cb_id = NFNL_MSG_TYPE(nlh->nlmsg_type);
|
||||||
u_int16_t attr_count = ss->cb[cb_id].attr_count;
|
struct nlattr *cda[ss->cb[cb_id].attr_count + 1];
|
||||||
struct nlattr *cda[attr_count+1];
|
struct nlattr *attr = (void *)nlh + min_len;
|
||||||
|
int attrlen = nlh->nlmsg_len - min_len;
|
||||||
|
|
||||||
if (likely(nlh->nlmsg_len >= min_len)) {
|
err = nla_parse(cda, ss->cb[cb_id].attr_count,
|
||||||
struct nlattr *attr = (void *)nlh + NLMSG_ALIGN(min_len);
|
attr, attrlen, ss->cb[cb_id].policy);
|
||||||
int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len);
|
|
||||||
|
|
||||||
err = nla_parse(cda, attr_count, attr, attrlen,
|
|
||||||
ss->cb[cb_id].policy);
|
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
return err;
|
return err;
|
||||||
} else
|
|
||||||
return -EINVAL;
|
|
||||||
|
|
||||||
err = nc->call(nfnl, skb, nlh, cda);
|
err = nc->call(nfnl, skb, nlh, cda);
|
||||||
if (err == -EAGAIN)
|
if (err == -EAGAIN)
|
||||||
|
Loading…
Reference in New Issue
Block a user