* [nft PATCH] mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings
@ 2025-10-07 15:55 Phil Sutter
2025-10-07 21:40 ` Pablo Neira Ayuso
0 siblings, 1 reply; 3+ messages in thread
From: Phil Sutter @ 2025-10-07 15:55 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Florian Westphal, netfilter-devel
The asterisk left in place becomes part of the prefix by accident and is thus
both included when matching interface names as well as dumped back to user
space.
Fixes: c31e887504a90 ("mnl: Support simple wildcards in netdev hooks")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
This is covered by existing tests already. Looks like this late
conversion to NFTA_DEVICE_PREFIX went entirely untested by accident.
---
src/mnl.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/mnl.c b/src/mnl.c
index bba34b73a708f..ab4a7dbc8d252 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -815,9 +815,16 @@ static bool is_wildcard_str(const char *str)
static void mnl_nft_attr_put_ifname(struct nlmsghdr *nlh, const char *ifname)
{
- uint16_t attr = is_wildcard_str(ifname) ?
- NFTA_DEVICE_PREFIX : NFTA_DEVICE_NAME;
+ uint16_t attr = NFTA_DEVICE_NAME;
+ char pfx[IFNAMSIZ];
+ if (is_wildcard_str(ifname)) {
+ snprintf(pfx, IFNAMSIZ, "%s", ifname);
+ pfx[strlen(pfx) - 1] = '\0';
+
+ attr = NFTA_DEVICE_PREFIX;
+ ifname = pfx;
+ }
mnl_attr_put_strz(nlh, attr, ifname);
}
--
2.51.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [nft PATCH] mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings
2025-10-07 15:55 [nft PATCH] mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings Phil Sutter
@ 2025-10-07 21:40 ` Pablo Neira Ayuso
2025-10-08 12:14 ` Phil Sutter
0 siblings, 1 reply; 3+ messages in thread
From: Pablo Neira Ayuso @ 2025-10-07 21:40 UTC (permalink / raw)
To: Phil Sutter; +Cc: Florian Westphal, netfilter-devel
On Tue, Oct 07, 2025 at 05:55:17PM +0200, Phil Sutter wrote:
> The asterisk left in place becomes part of the prefix by accident and is thus
> both included when matching interface names as well as dumped back to user
> space.
>
> Fixes: c31e887504a90 ("mnl: Support simple wildcards in netdev hooks")
> Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
Thanks.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [nft PATCH] mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings
2025-10-07 21:40 ` Pablo Neira Ayuso
@ 2025-10-08 12:14 ` Phil Sutter
0 siblings, 0 replies; 3+ messages in thread
From: Phil Sutter @ 2025-10-08 12:14 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Florian Westphal, netfilter-devel
On Tue, Oct 07, 2025 at 11:40:45PM +0200, Pablo Neira Ayuso wrote:
> On Tue, Oct 07, 2025 at 05:55:17PM +0200, Phil Sutter wrote:
> > The asterisk left in place becomes part of the prefix by accident and is thus
> > both included when matching interface names as well as dumped back to user
> > space.
> >
> > Fixes: c31e887504a90 ("mnl: Support simple wildcards in netdev hooks")
> > Signed-off-by: Phil Sutter <phil@nwl.cc>
>
> Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
Patch applied, thanks!
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-10-08 12:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-10-07 15:55 [nft PATCH] mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings Phil Sutter
2025-10-07 21:40 ` Pablo Neira Ayuso
2025-10-08 12:14 ` Phil Sutter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).