Commit cabaa9bf authored by Eric Leblond's avatar Eric Leblond Committed by David S. Miller

[NETFILTER]: nfnetlink_queue: fix computation of allocated size for netlink skb.

Size of the netlink skb was wrongly computed because the formula was using
NLMSG_ALIGN instead of NLMSG_SPACE. NLMSG_ALIGN does not add the room for
netlink header as NLMSG_SPACE does. This was causing a failure of message
building in some cases.

On my test system, all messages for packets in range [8*k+41, 8*k+48] where k
is an integer were invalid and the corresponding packets were dropped.
Signed-off-by: default avatarEric Leblond <eric@inl.fr>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent b5e85dee
...@@ -224,7 +224,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, ...@@ -224,7 +224,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
struct net_device *indev; struct net_device *indev;
struct net_device *outdev; struct net_device *outdev;
size = NLMSG_ALIGN(sizeof(struct nfgenmsg)) size = NLMSG_SPACE(sizeof(struct nfgenmsg))
+ nla_total_size(sizeof(struct nfqnl_msg_packet_hdr)) + nla_total_size(sizeof(struct nfqnl_msg_packet_hdr))
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */ + nla_total_size(sizeof(u_int32_t)) /* ifindex */
+ nla_total_size(sizeof(u_int32_t)) /* ifindex */ + nla_total_size(sizeof(u_int32_t)) /* ifindex */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment