Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7f87712c authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: nfnetlink_queue: only add CAP_LEN attr when needed 



CAP_LEN contains the size of the network packet we're queueing to
userspace, i.e. normally it is the same as the NFQA_PAYLOAD attribute len.

Include it only in the unlikely case when NFQA_PAYLOAD is truncated due
to copy_range limitations.

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 9cefbbc9

net/netfilter/nfnetlink_queue_core.c

+2 −1
Original line number Original line Diff line number Diff line
@@ -472,7 +472,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, 
	if (ct && nfqnl_ct_put(skb, ct, ctinfo) < 0)

	if (ct && nfqnl_ct_put(skb, ct, ctinfo) < 0)

		goto nla_put_failure;

		goto nla_put_failure;





	if (cap_len > 0 && nla_put_be32(skb, NFQA_CAP_LEN, htonl(cap_len)))

	if (cap_len > data_len &&

	    nla_put_be32(skb, NFQA_CAP_LEN, htonl(cap_len)))

		goto nla_put_failure;

		goto nla_put_failure;





	if (nfqnl_put_packet_info(skb, entskb))

	if (nfqnl_put_packet_info(skb, entskb))