[NETFILTER]: nfnetlink_queue: fix nfnetlink message size

Fix oversized message, use NLMSG_SPACE just one since it reserves space for the netlink header and NFA_SPACE for every attribute. Thanks to Harald Welte for the feedback Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2006-03-22 16:54:40 -0500
committer: David S. Miller <davem@davemloft.net> 2006-03-22 16:54:40 -0500
commit: f0d835835ba30686dc085e98c8eeac0b9c26e3b2 (patch)
tree: 85149be8e4154bda3fc9c979693fb5bf997d82f3 /net
parent: 1cde64365b0c4f576f8f45b834e6a6de081b5914 (diff)
1 files changed, 10 insertions, 9 deletions
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 2cf5fb8322c4..b5701662182e 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -354,16 +354,17 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
        QDEBUG("entered\n");
        /* all macros expand to constant values at compile time */
-        size =    NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hdr))
+        size =    NLMSG_SPACE(sizeof(struct nfgenmsg)) +
-                + NLMSG_SPACE(sizeof(u_int32_t))        /* ifindex */
+                + NFA_SPACE(sizeof(struct nfqnl_msg_packet_hdr))
-                + NLMSG_SPACE(sizeof(u_int32_t))        /* ifindex */
+                + NFA_SPACE(sizeof(u_int32_t))  /* ifindex */
+                + NFA_SPACE(sizeof(u_int32_t))  /* ifindex */
 #ifdef CONFIG_BRIDGE_NETFILTER
-                + NLMSG_SPACE(sizeof(u_int32_t))        /* ifindex */
+                + NFA_SPACE(sizeof(u_int32_t))  /* ifindex */
-                + NLMSG_SPACE(sizeof(u_int32_t))        /* ifindex */
+                + NFA_SPACE(sizeof(u_int32_t))  /* ifindex */
 #endif
-                + NLMSG_SPACE(sizeof(u_int32_t))        /* mark */
+                + NFA_SPACE(sizeof(u_int32_t))  /* mark */
-                + NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hw))
+                + NFA_SPACE(sizeof(struct nfqnl_msg_packet_hw))
-                + NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));
+                + NFA_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));
        outdev = entinf->outdev;
@@ -388,7 +389,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                else
                        data_len = queue->copy_range;
                
-                size += NLMSG_SPACE(data_len);
+                size += NFA_SPACE(data_len);
                break;
        
        default:
author	Pablo Neira Ayuso <pablo@netfilter.org>	2006-03-22 16:54:40 -0500
committer	David S. Miller <davem@davemloft.net>	2006-03-22 16:54:40 -0500
commit	f0d835835ba30686dc085e98c8eeac0b9c26e3b2 (patch)
tree	85149be8e4154bda3fc9c979693fb5bf997d82f3 /net
parent	1cde64365b0c4f576f8f45b834e6a6de081b5914 (diff)

diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 2cf5fb8322c4..b5701662182e 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c
@@ -354,16 +354,17 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
354	QDEBUG("entered\n");	354	QDEBUG("entered\n");
355		355
356	/* all macros expand to constant values at compile time */	356	/* all macros expand to constant values at compile time */
357	size = NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hdr))	357	size = NLMSG_SPACE(sizeof(struct nfgenmsg)) +
358	+ NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */	358	+ NFA_SPACE(sizeof(struct nfqnl_msg_packet_hdr))
359	+ NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */	359	+ NFA_SPACE(sizeof(u_int32_t)) /* ifindex */
		360	+ NFA_SPACE(sizeof(u_int32_t)) /* ifindex */
360	#ifdef CONFIG_BRIDGE_NETFILTER	361	#ifdef CONFIG_BRIDGE_NETFILTER
361	+ NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */	362	+ NFA_SPACE(sizeof(u_int32_t)) /* ifindex */
362	+ NLMSG_SPACE(sizeof(u_int32_t)) /* ifindex */	363	+ NFA_SPACE(sizeof(u_int32_t)) /* ifindex */
363	#endif	364	#endif
364	+ NLMSG_SPACE(sizeof(u_int32_t)) /* mark */	365	+ NFA_SPACE(sizeof(u_int32_t)) /* mark */
365	+ NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hw))	366	+ NFA_SPACE(sizeof(struct nfqnl_msg_packet_hw))
366	+ NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));	367	+ NFA_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));
367		368
368	outdev = entinf->outdev;	369	outdev = entinf->outdev;
369		370
@@ -388,7 +389,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
388	else	389	else
389	data_len = queue->copy_range;	390	data_len = queue->copy_range;
390		391
391	size += NLMSG_SPACE(data_len);	392	size += NFA_SPACE(data_len);
392	break;	393	break;
393		394
394	default:	395	default: