rule: netlink attribute offset is uint32_t for struct nlerr_loc

The maximum netlink message length (nlh->nlmsg_len) is uint32_t, struct nlerr_loc stores the offset to the netlink attribute which must be uint32_t, not uint16_t. While at it, remove check for zero netlink attribute offset in nft_cmd_error() which should not ever happen, likely this check was there to prevent the uint16_t offset overflow. Fixes: f8aec603aa7e ("src: initial extended netlink error reporting") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2024-10-24 00:08:24 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2024-10-28 23:20:38 +0100
commit: 42b081df747729b0d83b69d2816be4091af56a58 (patch)
tree: 0d56428b12dcd7b44e28e1e796c70c3b03e1ad64 /src/cmd.c
parent: f7c2b27c9f8356c634f0405347444e03e10e151b (diff)
1 files changed, 0 insertions, 2 deletions
diff --git a/src/cmd.c b/src/cmd.c
index 78a2aa30..0c7a43ed 100644
--- a/src/cmd.c
+++ b/src/cmd.c
@@ -323,8 +323,6 @@ void nft_cmd_error(struct netlink_ctx *ctx, struct cmd *cmd,
 	uint32_t i;
 
 	for (i = 0; i < cmd->num_attrs; i++) {
-		if (!cmd->attr[i].offset)
-			break;
 		if (cmd->attr[i].offset == err->offset)
 			loc = cmd->attr[i].location;
 	}
author	Pablo Neira Ayuso <pablo@netfilter.org>	2024-10-24 00:08:24 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2024-10-28 23:20:38 +0100
commit	42b081df747729b0d83b69d2816be4091af56a58 (patch)
tree	0d56428b12dcd7b44e28e1e796c70c3b03e1ad64 /src/cmd.c
parent	f7c2b27c9f8356c634f0405347444e03e10e151b (diff)