summaryrefslogtreecommitdiffstats
path: root/src/libnfnetlink.c
diff options
context:
space:
mode:
author/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org>2006-05-17 14:42:03 +0000
committer/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org>2006-05-17 14:42:03 +0000
commita652efb17254a13c74f7a3adf034f52c835096de (patch)
treecd2e351d96f22dbac5d8aa23ce5c5294671c7c48 /src/libnfnetlink.c
parentfb61d1f56ff3d84a725aaa4fac67fc5fbef5add5 (diff)
we cannot return -EINVAL when we encounter attributes > subsys->cb_count, since that compromises interoperability with future kernels which might introduce new attributes.
Diffstat (limited to 'src/libnfnetlink.c')
-rw-r--r--src/libnfnetlink.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/libnfnetlink.c b/src/libnfnetlink.c
index 8be9306..b864338 100644
--- a/src/libnfnetlink.c
+++ b/src/libnfnetlink.c
@@ -927,8 +927,13 @@ int nfnl_check_attributes(const struct nfnl_handle *h,
while (NFA_OK(attr, attrlen)) {
unsigned int flavor = NFA_TYPE(attr);
if (flavor) {
- if (flavor > cb->attr_count)
- return -EINVAL;
+ if (flavor > cb->attr_count) {
+ /* we have received an attribute from
+ * the kernel which we don't understand
+ * yet. We have to silently ignore this
+ * for the sake of future compatibility */
+ continue;
+ }
nfa[flavor - 1] = attr;
}
attr = NFA_NEXT(attr, attrlen);