summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2015-08-18 18:51:50 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2015-08-18 19:21:37 +0200
commit38a46caa55ffe1ffee662503ac8abb57522baaa3 (patch)
tree86386c128e2a29fc2e704f37d49d3c295a103967
parent900d7e80b8d8339622912c88f6faea96af4115d7 (diff)
conntrackd: fix sanitization of expection attribute in the wire format
The maximum number of attribute is NTA_EXP_MAX for expectation sync messages. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat
-rw-r--r--src/parse.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/parse.c b/src/parse.c
index f3ec6ac..878e354 100644
--- a/src/parse.c
+++ b/src/parse.c
@@ -510,7 +510,7 @@ int msg2exp(struct nf_expect *exp, struct nethdr *net, size_t remain)
ATTR_NETWORK2HOST(attr);
if (attr->nta_len > len)
goto err;
- if (attr->nta_attr > NTA_MAX)
+ if (attr->nta_attr >= NTA_EXP_MAX)
goto err;
if (attr->nta_len < NTA_LENGTH(0))
goto err;