Age | Commit message (Collapse) | Author |
|
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
better to rename this function since its return value is not similar
to other _ok() functions, for consistency.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
msg.c: In function ‘mnl_nlmsg_ok’:
msg.c:136: warning: comparison between signed and unsigned
msg.c:138: warning: comparison between signed and unsigned
attr.c: In function ‘mnl_attr_ok’:
attr.c:79: warning: comparison between signed and unsigned
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
attr.c: In function ‘mnl_attr_validate’:
attr.c:189: warning: comparison of unsigned expression < 0 is always false
attr.c: In function ‘mnl_attr_validate2’:
attr.c:210: warning: comparison of unsigned expression < 0 is always false
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
And include the prototype in libmnl.h, since it was missing
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
We remove mnl_align() since it has been replaced by the macro
MNL_ALIGN(). The macro allows its use in static arrays and
such.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch changes the callback handlers to include netlink portID
checking. Thus, we avoid that any malicious process can spoof
messages.
If portid, sequence number of the message is != 0, we check if the
message is what we expect. This allows to use the same netlink channel
for dumps (portid, seq != 0) and event-based notifications (portid, seq == 0).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch includes the new validation infrastructure which is
decoupled from the attribute parsing. It is composed of:
- mnl_attr_type_invalid: that allows to check if the attribute type
is valid (ie. the type is not higher than WXYZ_MAX).
- mnl_attr_validate: that allows to validate that there's enough room
for the attribute data.
The patch includes the rework of the attribute parsers. Now, you don't
have to use an array of pointer to store the result of the parsing,
you can use whatever data structure instead.
The prototype as it follows:
typedef int (*mnl_attr_cb_t)(const struct nlattr *attr, void *data);
extern int mnl_attr_parse(const struct nlmsghdr *nlh, int offset, mnl_attr_cb_t cb, void *data)
There are three versions of rtnl-link-dump.c that show how attribute
parsing can be done now. Probably that many examples are not good idea,
I may remove some of them from the tree in the future.
This patch also merges mnl_attr_parse_at_offset into mnl_attr_parse.
This patch modifies MNL_ALIGN so that we can use it in static
arrays (the use of mnl_align() is not allowed in compilation time
to initialize an array field).
I have added the mnl_attr_for_each() macro and I have changed
mnl_attr_for_each_nested() to declare the length variable internally.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
it's deeply broken 8-)
|
|
netlink is not connection-oriented, we have to check the origin
of the message.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
the use of unsigned int in the number of bytes affects other message
handling helper function, hold on with this.
|
|
|
|
This library is distributed under GPLv2+.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
This patch may contain errors but we can review them and fix them later,
better to have it in the tree (to allow others to contribute) to keep it
in my local tree.
|
|
|
|
|
|
|