summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* src: fix incorrect building and parsing of the NFCTH_POLICY_SETX attributeHEADmasterLiping Zhang2017-03-241-12/+11
| | | | | | | | | | | | | | In nfct_helper_nlmsg_build_policy(), we always set the attribute type to NFCTH_POLICY_SET, so we cannot add more than one nfct_helper_policy to the kernel. Also: in nfct_helper_nlmsg_parse_policy(), we will increase the helper->policy_num for each nfct_helper_policy, but we mistakenly set it to the total number of nfct_helper_policy. So when the total number is more than 3, later out of bound access will happen. Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: kill the "invalid argument" error in nftc-helper-addLiping Zhang2017-03-221-0/+1
| | | | | | | | NFCTH_PRIV_DATA_LEN is a must attribute required by the kernel when creating the cthelper, add it now. Otherwise -EINVAL will be returned. Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: fix double free in nftc-helper-addLiping Zhang2017-03-211-1/+1
| | | | | | | | | | | | | | | | | | | | After inputting the following test command, core dump happened: # ./examples/nfct-helper-add test 1 *** Error in `.../libnetfilter_cthelper/examples/.libs/lt-nfct-helper-add': double free or corruption (fasttop): 0x0000000001f3c070 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x77de5)[0x7fd9ebe88de5] /lib64/libc.so.6(+0x8022a)[0x7fd9ebe9122a] /lib64/libc.so.6(cfree+0x4c)[0x7fd9ebe9478c] [...] Because "struct nfct_helper_policy *p" had been freed by nfct_helper_free, so there's no need to invoke nfct_helper_policy_free again, otherwise double free error will happen. Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Use __EXPORTED rather than EXPORT_SYMBOLKevin Cernekee2017-01-163-54/+36
| | | | | | | | | | | | | | clang is sensitive to the ordering of __attribute__((visibility("default"))) relative to the function body. gcc is not. So if we try to re-declare an existing function with default visibility, clang prints a warning and generates a broken .so file in which nfct_helper_* are not exported to library callers. Move the attribute up into the function definition to make clang happy. Signed-off-by: Kevin Cernekee <cernekee@chromium.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* include: Sync with kernel headersFelix Janda2015-05-211-41/+11
| | | | | Signed-off-by: Felix Janda <felix.janda@posteo.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: fix use after freeChristopher Horler2014-12-081-1/+1
| | | | | | | Fixes: https://bugzilla.netfilter.org/show_bug.cgi?id=990 Signed-off-by: Christopher Horler <cshorler@googlemail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* configure: uclinux is also linuxGustavo Zacarias2013-09-171-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Update .gitignoreJan Engelhardt2012-10-081-0/+18
| | | | Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* build: resolve automake-1.12 warningsJan Engelhardt2012-10-081-0/+1
| | | | | | | | /usr/share/automake-1.12/am/ltlibrary.am: warning: 'libnetfilter_cthelper.la': linking libtool libraries using a non-POSIX archiver requires 'AM_PROG_AR' in 'configure.ac' Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* bump version to 1.0.0libnetfilter_cthelper-1.0.0Pablo Neira Ayuso2012-10-081-1/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* build: remove unnecessary pkgconfig->config.status dependencyJan Engelhardt2012-06-241-2/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* fix licensing termsPablo Neira Ayuso2012-06-052-626/+291
| | | | | | | | | | The licensing terms of this library were pretty inconsistent. This library is GPLv2+. Thanks to Jan Engelhardt and openSUSE legal team for spotting this. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: fix nfct-helper-add examplePablo Neira Ayuso2012-05-142-4/+14
| | | | | | to adapt it to the new API Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add NFCTH_STATUS and other enhancementsPablo Neira Ayuso2012-05-134-80/+297
| | | | | | | This patch includes the modification of the snprintf interface and the completition of the expectation policy handling. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* fix libnetfilter_cthelper.pc.in filePablo Neira Ayuso2012-04-161-5/+5
| | | | | | Fix wrong content. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* include: update NFNL_SUBSYS_CTHELPERPablo Neira Ayuso2012-04-121-2/+3
| | | | | | | This file contained the old NFNL_SUBSYS_CTHELPER, before the cttimeout infrastructure was added. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* cthelper: add NFCTH_ATTR_PRIV_DATA_LENPablo Neira Ayuso2012-02-023-0/+9
| | | | | | New attribute that is mandatory to set the size of the private data. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* initial importPablo Neira Ayuso2012-01-1625-0/+2148
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>