aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--net/netfilter/nfnetlink.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 578e4fe40945..84efffdbade3 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -163,17 +163,16 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
163 cb_id, subsys->cb_count); 163 cb_id, subsys->cb_count);
164 return -EINVAL; 164 return -EINVAL;
165 } 165 }
166
167 attr_count = subsys->cb[cb_id].attr_count;
168
169 memset(cda, 0, sizeof(struct nfattr *) * attr_count);
170 166
171 /* check attribute lengths. */
172 min_len = NLMSG_ALIGN(sizeof(struct nfgenmsg)); 167 min_len = NLMSG_ALIGN(sizeof(struct nfgenmsg));
173 if (nlh->nlmsg_len < min_len) 168 if (unlikely(nlh->nlmsg_len < min_len))
174 return -EINVAL; 169 return -EINVAL;
175 170
176 if (nlh->nlmsg_len > min_len) { 171 attr_count = subsys->cb[cb_id].attr_count;
172 memset(cda, 0, sizeof(struct nfattr *) * attr_count);
173
174 /* check attribute lengths. */
175 if (likely(nlh->nlmsg_len > min_len)) {
177 struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh)); 176 struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh));
178 int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len); 177 int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len);
179 178
@@ -186,8 +185,10 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
186 } 185 }
187 attr = NFA_NEXT(attr, attrlen); 186 attr = NFA_NEXT(attr, attrlen);
188 } 187 }
189 } else 188 }
190 return -EINVAL; 189
190 /* implicit: if nlmsg_len == min_len, we return 0, and an empty
191 * (zeroed) cda[] array. The message is valid, but empty. */
191 192
192 return 0; 193 return 0;
193} 194}