From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org, Patrick McHardy <kaber@trash.net>,
netfilter-devel@vger.kernel.org
Subject: netfilter 06/12: limit the length of the helper name
Date: Thu, 26 Mar 2009 20:02:38 +0100 (MET) [thread overview]
Message-ID: <20090326190233.23365.26846.sendpatchset@x2.localnet> (raw)
In-Reply-To: <20090326190225.23365.96356.sendpatchset@x2.localnet>
commit af9d32ad6718b9a80fa89f557cc1fbb63a93ec15
Author: Holger Eitzenberger <holger@eitzenberger.org>
Date: Wed Mar 25 18:44:01 2009 +0100
netfilter: limit the length of the helper name
This is necessary in order to have an upper bound for Netlink
message calculation, which is not a problem at all, as there
are no helpers with a longer name.
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 66d65a7..ee2a4b3 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -14,6 +14,8 @@
struct module;
+#define NF_CT_HELPER_NAME_LEN 16
+
struct nf_conntrack_helper
{
struct hlist_node hnode; /* Internal use. */
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
index a51bdac..805cfdd 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -142,6 +142,7 @@ int nf_conntrack_helper_register(struct nf_conntrack_helper *me)
BUG_ON(me->expect_policy == NULL);
BUG_ON(me->expect_class_max >= NF_CT_MAX_EXPECT_CLASSES);
+ BUG_ON(strlen(me->name) > NF_CT_HELPER_NAME_LEN - 1);
mutex_lock(&nf_ct_helper_mutex);
hlist_add_head_rcu(&me->hnode, &nf_ct_helper_hash[h]);
next prev parent reply other threads:[~2009-03-26 19:02 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-26 19:02 netfilter 00/12: Netfilter fixes/2.6.30 update part II Patrick McHardy
2009-03-26 19:02 ` netfilter 01/12: fix xt_LED build failure Patrick McHardy
2009-03-26 19:02 ` netfilter 02/12: nf_conntrack: use hlist_add_head_rcu() in nf_conntrack_set_hashsize() Patrick McHardy
2009-03-26 19:02 ` netfilter 03/12: factorize ifname_compare() Patrick McHardy
2009-03-26 19:02 ` netfilter 04/12: ctnetlink: add callbacks to the per-proto nlattrs Patrick McHardy
2009-03-26 19:02 ` netlink 05/12: add nla_policy_len() Patrick McHardy
2009-03-26 19:02 ` Patrick McHardy [this message]
2009-03-26 19:02 ` netfilter 07/12: {ip,ip6,arp}_tables: fix incorrect loop detection Patrick McHardy
2009-03-26 19:02 ` netfilter 08/12: nf_conntrack: use SLAB_DESTROY_BY_RCU and get rid of call_rcu() Patrick McHardy
2009-03-26 19:02 ` netfilter 09/12: ctnetlink: allocate right-sized ctnetlink skb Patrick McHardy
2009-03-26 19:02 ` netfilter 10/12: nf_conntrack: add generic function to get len of generic policy Patrick McHardy
2009-03-26 19:02 ` netfilter 11/12: nf_conntrack: calculate per-protocol nlattr size Patrick McHardy
2009-03-26 19:02 ` ctnetlink 12/12: compute generic part of event more acurately Patrick McHardy
2009-03-27 5:46 ` netfilter 00/12: Netfilter fixes/2.6.30 update part II David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090326190233.23365.26846.sendpatchset@x2.localnet \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.