diff options
author | Topi Miettinen <toiwoton@gmail.com> | 2021-09-10 12:58:45 +0300 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2021-09-20 13:24:36 +0200 |
commit | 628dd3f3b654227b6e07b9b4a9d4accba4d67007 (patch) | |
tree | e5910090e5b75e4275246dc0f03d08d47170436c | |
parent | 9f52afa608393484028229e90df6ee0bd1513197 (diff) | |
download | libnetfilter_queue-628dd3f3b654227b6e07b9b4a9d4accba4d67007.tar.gz |
libnetfilter_queue: src/nlmsg.c: SECCTX can be of any length
Typically security contexts are not 'u32' sized but strings, for example
'system_u:object_r:my_http_client_packet_t:s0'.
Fix length validation check to allow any context sizes.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r-- | src/nlmsg.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/nlmsg.c b/src/nlmsg.c index b1154fc..5400dd7 100644 --- a/src/nlmsg.c +++ b/src/nlmsg.c @@ -253,7 +253,6 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data) case NFQA_IFINDEX_PHYSOUTDEV: case NFQA_CAP_LEN: case NFQA_SKB_INFO: - case NFQA_SECCTX: case NFQA_UID: case NFQA_GID: case NFQA_CT_INFO: @@ -281,6 +280,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data) case NFQA_PAYLOAD: case NFQA_CT: case NFQA_EXP: + case NFQA_SECCTX: break; } tb[type] = attr; |