|
This patch changes the callback handlers to include netlink portID
checking. Thus, we avoid that any malicious process can spoof
messages.
If portid, sequence number of the message is != 0, we check if the
message is what we expect. This allows to use the same netlink channel
for dumps (portid, seq != 0) and event-based notifications (portid, seq == 0).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch includes the new validation infrastructure which is
decoupled from the attribute parsing. It is composed of:
- mnl_attr_type_invalid: that allows to check if the attribute type
is valid (ie. the type is not higher than WXYZ_MAX).
- mnl_attr_validate: that allows to validate that there's enough room
for the attribute data.
The patch includes the rework of the attribute parsers. Now, you don't
have to use an array of pointer to store the result of the parsing,
you can use whatever data structure instead.
The prototype as it follows:
typedef int (*mnl_attr_cb_t)(const struct nlattr *attr, void *data);
extern int mnl_attr_parse(const struct nlmsghdr *nlh, int offset, mnl_attr_cb_t cb, void *data)
There are three versions of rtnl-link-dump.c that show how attribute
parsing can be done now. Probably that many examples are not good idea,
I may remove some of them from the tree in the future.
This patch also merges mnl_attr_parse_at_offset into mnl_attr_parse.
This patch modifies MNL_ALIGN so that we can use it in static
arrays (the use of mnl_align() is not allowed in compilation time
to initialize an array field).
I have added the mnl_attr_for_each() macro and I have changed
mnl_attr_for_each_nested() to declare the length variable internally.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
