Rick Xu wrote:
> int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
>                const void *data, int alen)
> {
>  ......
> 
>     if ((NFA_OK(nfa, nfa->nfa_len) + len) > maxlen) {
>         errno = ENOSPC;
>         return -1;
>     }
> 
>     subnfa = (struct nfattr *)(((char *)nfa) + NFA_OK(nfa, nfa->nfa_len));
> 
> .....
> }
> 
> NFA_OK looks so weird here. I think it should be:
> int nfnl_nfa_addattr_l(struct nfattr *nfa, int maxlen, int type,
>                const void *data, int alen)
> {
>  ......
> 
>     if ( NFA_ALIGN(nfa->nfa_len) + NFA_LENGTH(len) > maxlen) {
>         errno = ENOSPC;
>         return -1;
>     }
> 
>     subnfa = (struct nfattr *)(((char *)nfa) + NFA_ALIGN( nfa->nfa_len));
> 
> .....
> }
> 
> Please kindly correct me if I made a mistake.


Indeed, that function is completely broken but it does not have any
known client.

It seems a leftover of the days when we didn't have anything better to
nest attributes, so that it's completely useless these days. I have
fixed in SVN anyway. Patch attached.

-- 
"Los honestos son inadaptados sociales" -- Les Luthiers