summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/internal/object.h10
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack.h5
-rw-r--r--src/conntrack/copy.c4
-rw-r--r--src/conntrack/parse.c4
-rw-r--r--src/conntrack/setter.c4
-rw-r--r--src/expect/setter.c4
6 files changed, 17 insertions, 14 deletions
diff --git a/include/internal/object.h b/include/internal/object.h
index 19d77b4..880f7c1 100644
--- a/include/internal/object.h
+++ b/include/internal/object.h
@@ -6,6 +6,8 @@
#ifndef _NFCT_OBJECT_H_
#define _NFCT_OBJECT_H_
+#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
+
/*
* nfct callback handler object
*/
@@ -161,11 +163,7 @@ struct nf_conntrack {
u_int32_t id;
u_int16_t zone;
-/* xt_helper uses a length size of 30 bytes, however, no helper name in
- * the tree has exceeded 16 bytes length. Since 2.6.29, the maximum
- * length accepted is 16 bytes, this limit is enforced during module load. */
-#define __NFCT_HELPER_NAMELEN 16
- char helper_name[__NFCT_HELPER_NAMELEN];
+ char helper_name[NFCT_HELPER_NAME_MAX];
/* According to Eric Paris <eparis@redhat.com> this field can be up to 4096
* bytes long. For that reason, we allocate this dynamically. */
char *secctx;
@@ -269,7 +267,7 @@ struct nf_expect {
u_int32_t id;
u_int16_t zone;
u_int32_t flags;
- char helper_name[__NFCT_HELPER_NAMELEN];
+ char helper_name[NFCT_HELPER_NAME_MAX];
u_int32_t set[1];
};
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 09e7920..f5add1a 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -716,6 +716,11 @@ enum ip_conntrack_status {
#define NFCT_DIR_REPLY 1
#define NFCT_DIR_MAX NFCT_DIR_REPLY+1
+/* xt_helper uses a length size of 30 bytes, however, no helper name in
+ * the tree has exceeded 16 bytes length. Since 2.6.29, the maximum
+ * length accepted is 16 bytes, this limit is enforced during module load. */
+#define NFCT_HELPER_NAME_MAX 16
+
#ifdef __cplusplus
}
#endif
diff --git a/src/conntrack/copy.c b/src/conntrack/copy.c
index c3a4fcc..cdce0de 100644
--- a/src/conntrack/copy.c
+++ b/src/conntrack/copy.c
@@ -405,8 +405,8 @@ static void copy_attr_repl_off_aft(struct nf_conntrack *dest,
static void copy_attr_helper_name(struct nf_conntrack *dest,
const struct nf_conntrack *orig)
{
- strncpy(dest->helper_name, orig->helper_name, __NFCT_HELPER_NAMELEN);
- dest->helper_name[__NFCT_HELPER_NAMELEN-1] = '\0';
+ strncpy(dest->helper_name, orig->helper_name, NFCT_HELPER_NAME_MAX);
+ dest->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0';
}
static void copy_attr_zone(struct nf_conntrack *dest,
diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c
index 8f8a01c..ee3074d 100644
--- a/src/conntrack/parse.c
+++ b/src/conntrack/parse.c
@@ -417,8 +417,8 @@ __parse_helper(const struct nfattr *attr, struct nf_conntrack *ct)
strncpy(ct->helper_name,
NFA_DATA(tb[CTA_HELP_NAME-1]),
- __NFCT_HELPER_NAMELEN);
- ct->helper_name[__NFCT_HELPER_NAMELEN-1] = '\0';
+ NFCT_HELPER_NAME_MAX);
+ ct->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0';
set_bit(ATTR_HELPER_NAME, ct->set);
}
diff --git a/src/conntrack/setter.c b/src/conntrack/setter.c
index 3282035..df06b04 100644
--- a/src/conntrack/setter.c
+++ b/src/conntrack/setter.c
@@ -310,8 +310,8 @@ static void set_attr_repl_off_aft(struct nf_conntrack *ct, const void *value)
static void set_attr_helper_name(struct nf_conntrack *ct, const void *value)
{
- strncpy(ct->helper_name, value, __NFCT_HELPER_NAMELEN);
- ct->helper_name[__NFCT_HELPER_NAMELEN-1] = '\0';
+ strncpy(ct->helper_name, value, NFCT_HELPER_NAME_MAX);
+ ct->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0';
}
static void set_attr_dccp_state(struct nf_conntrack *ct, const void *value)
diff --git a/src/expect/setter.c b/src/expect/setter.c
index 3cde4b0..08b3547 100644
--- a/src/expect/setter.c
+++ b/src/expect/setter.c
@@ -39,8 +39,8 @@ static void set_exp_attr_flags(struct nf_expect *exp, const void *value)
static void set_exp_attr_helper_name(struct nf_expect *exp, const void *value)
{
- strncpy(exp->helper_name, value, __NFCT_HELPER_NAMELEN);
- exp->helper_name[__NFCT_HELPER_NAMELEN-1] = '\0';
+ strncpy(exp->helper_name, value, NFCT_HELPER_NAME_MAX);
+ exp->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0';
}
const set_exp_attr set_exp_attr_array[ATTR_EXP_MAX] = {