summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTopi Miettinen <toiwoton@gmail.com>2021-09-10 12:58:45 +0300
committerFlorian Westphal <fw@strlen.de>2021-09-20 13:24:36 +0200
commit628dd3f3b654227b6e07b9b4a9d4accba4d67007 (patch)
treee5910090e5b75e4275246dc0f03d08d47170436c
parent9f52afa608393484028229e90df6ee0bd1513197 (diff)
libnetfilter_queue: src/nlmsg.c: SECCTX can be of any length
Typically security contexts are not 'u32' sized but strings, for example 'system_u:object_r:my_http_client_packet_t:s0'. Fix length validation check to allow any context sizes. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r--src/nlmsg.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/nlmsg.c b/src/nlmsg.c
index b1154fc..5400dd7 100644
--- a/src/nlmsg.c
+++ b/src/nlmsg.c
@@ -253,7 +253,6 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
case NFQA_IFINDEX_PHYSOUTDEV:
case NFQA_CAP_LEN:
case NFQA_SKB_INFO:
- case NFQA_SECCTX:
case NFQA_UID:
case NFQA_GID:
case NFQA_CT_INFO:
@@ -281,6 +280,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
case NFQA_PAYLOAD:
case NFQA_CT:
case NFQA_EXP:
+ case NFQA_SECCTX:
break;
}
tb[type] = attr;