From 367cbfaae87c1f539c729b0653d920701beac3be Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sun, 20 Jul 2014 14:09:34 +0200
Subject: src: stricter netlink attribute length validation

If the kernel sends us different data length for a given attribute,
stop further processing and indicate that an ABI breakage has ocurred.
This is an example of the (hypothetical) message that is shown in that
case:

 nf_tables kernel ABI is broken, contact your vendor.
 table.c:214 reason: Numerical result out of range

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/internal.h | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'src/internal.h')

diff --git a/src/internal.h b/src/internal.h
index b8ed616..7b848db 100644
--- a/src/internal.h
+++ b/src/internal.h
@@ -211,4 +211,13 @@ void __nft_assert_fail(uint16_t attr, const char *filename, int line);
 		nft_assert(data, attr, _validate_array[_attr] == _data_len);	\
 })
 
+#define __noreturn	__attribute__((__noreturn__))
+
+void __noreturn __abi_breakage(const char *file, int line, const char *reason);
+
+#include <string.h>
+
+#define abi_breakage()	\
+	__abi_breakage(__FILE__, __LINE__, strerror(errno));
+
 #endif
-- 
cgit v1.2.3