libnetfilter_queue: src/nlmsg.c: SECCTX can be of any length

Typically security contexts are not 'u32' sized but strings, for example 'system_u:object_r:my_http_client_packet_t:s0'. Fix length validation check to allow any context sizes. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de>
author: Topi Miettinen <toiwoton@gmail.com> 2021-09-10 12:58:45 +0300
committer: Florian Westphal <fw@strlen.de> 2021-09-20 13:24:36 +0200
commit: 628dd3f3b654227b6e07b9b4a9d4accba4d67007 (patch)
tree: e5910090e5b75e4275246dc0f03d08d47170436c
parent: 9f52afa608393484028229e90df6ee0bd1513197 (diff)
download: libnetfilter_queue-628dd3f3b654227b6e07b9b4a9d4accba4d67007.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/nlmsg.c b/src/nlmsg.c
index b1154fc..5400dd7 100644
--- a/src/nlmsg.c
+++ b/src/nlmsg.c
@@ -253,7 +253,6 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
 	case NFQA_IFINDEX_PHYSOUTDEV:
 	case NFQA_CAP_LEN:
 	case NFQA_SKB_INFO:
-	case NFQA_SECCTX:
 	case NFQA_UID:
 	case NFQA_GID:
 	case NFQA_CT_INFO:
@@ -281,6 +280,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
 	case NFQA_PAYLOAD:
 	case NFQA_CT:
 	case NFQA_EXP:
+	case NFQA_SECCTX:
 		break;
 	}
 	tb[type] = attr;
author	Topi Miettinen <toiwoton@gmail.com>	2021-09-10 12:58:45 +0300
committer	Florian Westphal <fw@strlen.de>	2021-09-20 13:24:36 +0200
commit	628dd3f3b654227b6e07b9b4a9d4accba4d67007 (patch)
tree	e5910090e5b75e4275246dc0f03d08d47170436c
parent	9f52afa608393484028229e90df6ee0bd1513197 (diff)
download	libnetfilter_queue-628dd3f3b654227b6e07b9b4a9d4accba4d67007.tar.gz