diff options
author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2006-05-17 14:42:03 +0000 |
---|---|---|
committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org> | 2006-05-17 14:42:03 +0000 |
commit | a652efb17254a13c74f7a3adf034f52c835096de (patch) | |
tree | cd2e351d96f22dbac5d8aa23ce5c5294671c7c48 | |
parent | fb61d1f56ff3d84a725aaa4fac67fc5fbef5add5 (diff) |
we cannot return -EINVAL when we encounter attributes > subsys->cb_count, since that compromises interoperability with future kernels which might introduce new attributes.
-rw-r--r-- | src/libnfnetlink.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/libnfnetlink.c b/src/libnfnetlink.c index 8be9306..b864338 100644 --- a/src/libnfnetlink.c +++ b/src/libnfnetlink.c @@ -927,8 +927,13 @@ int nfnl_check_attributes(const struct nfnl_handle *h, while (NFA_OK(attr, attrlen)) { unsigned int flavor = NFA_TYPE(attr); if (flavor) { - if (flavor > cb->attr_count) - return -EINVAL; + if (flavor > cb->attr_count) { + /* we have received an attribute from + * the kernel which we don't understand + * yet. We have to silently ignore this + * for the sake of future compatibility */ + continue; + } nfa[flavor - 1] = attr; } attr = NFA_NEXT(attr, attrlen); |