提交 a42827b7 编写于 作者: H Harald Welte 提交者: David S. Miller

[NETFILTER]: cleanup nfnetlink_check_attributes()

1) memset return parameter 'cda' (nfattr pointer array) only on success
2) a message without attributes and just a 'struct nfgenmsg' is valid,
   don't return -EINVAL
3) use likely() and unlikely() where apropriate
Signed-off-by: NHarald Welte <laforge@netfilter.org>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 927ccbcc
...@@ -163,17 +163,16 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys, ...@@ -163,17 +163,16 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
cb_id, subsys->cb_count); cb_id, subsys->cb_count);
return -EINVAL; return -EINVAL;
} }
attr_count = subsys->cb[cb_id].attr_count;
memset(cda, 0, sizeof(struct nfattr *) * attr_count);
/* check attribute lengths. */
min_len = NLMSG_ALIGN(sizeof(struct nfgenmsg)); min_len = NLMSG_ALIGN(sizeof(struct nfgenmsg));
if (nlh->nlmsg_len < min_len) if (unlikely(nlh->nlmsg_len < min_len))
return -EINVAL; return -EINVAL;
if (nlh->nlmsg_len > min_len) { attr_count = subsys->cb[cb_id].attr_count;
memset(cda, 0, sizeof(struct nfattr *) * attr_count);
/* check attribute lengths. */
if (likely(nlh->nlmsg_len > min_len)) {
struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh)); struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh));
int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len); int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len);
...@@ -186,8 +185,10 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys, ...@@ -186,8 +185,10 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
} }
attr = NFA_NEXT(attr, attrlen); attr = NFA_NEXT(attr, attrlen);
} }
} else }
return -EINVAL;
/* implicit: if nlmsg_len == min_len, we return 0, and an empty
* (zeroed) cda[] array. The message is valid, but empty. */
return 0; return 0;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册