[RFC] remove NLA_STRING NUL trimming

[RFC] remove NLA_STRING NUL trimming

[Johannes Berg]

Looking through the netlink/attr.c code I noticed that NLA_STRING
attributes that end with a binary NUL have it removed before passing it
to the consumer.

For wireless, we have a few places where we need to be able to accept
any (even binary) values, for example for the SSID; the SSID can validly
end with \0 and I'd still love to be able to take advantage of
NLA_STRING and .len = 32 so I don't need to check the length myself.
However, given the code above, an SSID with a terminating \0 would be
reduced by one character.

This patch removes the trimming.

Signed-off-by: Johannes Berg <johannes@sipsolutions.net>

---
This shouldn't break things if all users that rely on terminating NULs
have migrated to NLA_NUL_STRING already. I don't see many users of
NLA_STRING still, but if we can't make that change because some users
still rely on it trimming the NUL I could also make a patch that
introduces NLA_BIN_STRING with the changed semantics.

--- wireless-dev.orig/net/netlink/attr.c	2007-03-23 00:06:41.293435409 +0100
+++ wireless-dev/net/netlink/attr.c	2007-03-23 00:07:13.753435409 +0100
@@ -56,15 +56,8 @@ static int validate_nla(struct nlattr *n
 		if (attrlen < 1)
 			return -ERANGE;
 
-		if (pt->len) {
-			char *buf = nla_data(nla);
-
-			if (buf[attrlen - 1] == '\0')
-				attrlen--;
-
-			if (attrlen > pt->len)
-				return -ERANGE;
-		}
+		if (pt->len && attrlen > pt->len)
+			return -ERANGE;
 		break;
 
 	default:

Re: [RFC] remove NLA_STRING NUL trimming

[Thomas Graf]

* Johannes Berg <johannes@sipsolutions.net> 2007-03-23 00:12
> Looking through the netlink/attr.c code I noticed that NLA_STRING
> attributes that end with a binary NUL have it removed before passing it
> to the consumer.

It's not really removed, the trailing NUL is just ignored when checking
the length of the attribute. This is needed for older netlink families
where strings are not always NUL terminated, yet we still need to accept
the additional byte needed in case it is present. This validation is
strictly necessary, otherwise nla_strcmp() and others will fail.

> For wireless, we have a few places where we need to be able to accept
> any (even binary) values, for example for the SSID; the SSID can validly
> end with \0 and I'd still love to be able to take advantage of
> NLA_STRING and .len = 32 so I don't need to check the length myself.
> However, given the code above, an SSID with a terminating \0 would be
> reduced by one character.

I suggest that you introduce NLA_BINARY which enforces a maximum length.

Re: [RFC] remove NLA_STRING NUL trimming

[Johannes Berg]

[-- Attachment #1: Type: text/plain, Size: 985 bytes --]

On Fri, 2007-03-23 at 15:20 +0100, Thomas Graf wrote:

> It's not really removed, the trailing NUL is just ignored when checking
> the length of the attribute. 

Good point.

> This is needed for older netlink families
> where strings are not always NUL terminated, yet we still need to accept
> the additional byte needed in case it is present. This validation is
> strictly necessary, otherwise nla_strcmp() and others will fail.

Ok.

> > For wireless, we have a few places where we need to be able to accept
> > any (even binary) values, for example for the SSID; the SSID can validly
> > end with \0 and I'd still love to be able to take advantage of
> > NLA_STRING and .len = 32 so I don't need to check the length myself.
> > However, given the code above, an SSID with a terminating \0 would be
> > reduced by one character.
> 
> I suggest that you introduce NLA_BINARY which enforces a maximum length.

Alright, I'll post a patch in a bit.

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]