diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-09-06 17:09:26 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-09-24 14:47:40 +0200 |
| commit | ba8d3b0bf5900b9ee5354e7d73358867763a6766 (patch) | |
| tree | f8962ef36f2dcd19c5b3675a0b5e7c9274860d5e /net/wimax | |
| parent | 7be54ca4764bdead40bee7b645a72718c20ff2c8 (diff) | |
| download | linux-stable-ba8d3b0bf5900b9ee5354e7d73358867763a6766.tar.gz linux-stable-ba8d3b0bf5900b9ee5354e7d73358867763a6766.tar.bz2 linux-stable-ba8d3b0bf5900b9ee5354e7d73358867763a6766.zip | |
netfilter: nfnetlink_queue: fix maximum packet length to userspace
The packets that we send via NFQUEUE are encapsulated in the NFQA_PAYLOAD
attribute. The length of the packet in userspace is obtained via
attr->nla_len field. This field contains the size of the Netlink
attribute header plus the packet length.
If the maximum packet length is specified, ie. 65535 bytes, and
packets in the range of (65531,65535] are sent to userspace, the
attr->nla_len overflows and it reports bogus lengths to the
application.
To fix this, this patch limits the maximum packet length to 65531
bytes. If larger packet length is specified, the packet that we
send to user-space is truncated to 65531 bytes.
To support 65535 bytes packets, we have to revisit the idea of
the 32-bits Netlink attribute length.
Reported-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/wimax')
0 files changed, 0 insertions, 0 deletions