src: stricter netlink attribute length validation

If the kernel sends us different data length for a given attribute, stop further processing and indicate that an ABI breakage has ocurred. This is an example of the (hypothetical) message that is shown in that case: nf_tables kernel ABI is broken, contact your vendor. table.c:214 reason: Numerical result out of range Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2014-07-20 14:09:34 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-07-20 15:04:47 +0200
commit: 367cbfaae87c1f539c729b0653d920701beac3be (patch)
tree: 232077cd854cc757784383b56abcde8383b006dd /src/utils.c
parent: cac9b26874d60aa17c7cabe46d33e9114b24885d (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/src/utils.c b/src/utils.c
index 20a2fa3..1878390 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -225,3 +225,10 @@ void __nft_assert_fail(uint16_t attr, const char *filename, int line)
 		attr, filename, line);
 	exit(EXIT_FAILURE);
 }
+
+void __noreturn __abi_breakage(const char *file, int line, const char *reason)
+{
+       fprintf(stderr, "nf_tables kernel ABI is broken, contact your vendor.\n"
+		       "%s:%d reason: %s\n", file, line, reason);
+       exit(EXIT_FAILURE);
+}
author	Pablo Neira Ayuso <pablo@netfilter.org>	2014-07-20 14:09:34 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-07-20 15:04:47 +0200
commit	367cbfaae87c1f539c729b0653d920701beac3be (patch)
tree	232077cd854cc757784383b56abcde8383b006dd /src/utils.c
parent	cac9b26874d60aa17c7cabe46d33e9114b24885d (diff)