src: remove NFT_NLATTR_LOC_MAX limit for netlink location error reporting

Set might have more than 16 elements, use a runtime array to store
netlink error location.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2 files changed, 9 insertions, 3 deletions

diff --git a/src/cmd.c b/src/cmd.c
index f6a8aa11..63692422 100644
--- a/src/cmd.c
+++ b/src/cmd.c
@@ -237,7 +237,7 @@ void nft_cmd_error(struct netlink_ctx *ctx, struct cmd *cmd,
 		   struct mnl_err *err)
 {
 	const struct location *loc = NULL;
-	int i;
+	uint32_t i;
 
 	for (i = 0; i < cmd->num_attrs; i++) {
 		if (!cmd->attr[i].offset)
diff --git a/src/rule.c b/src/rule.c
index 0526a148..c71f0226 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1279,6 +1279,9 @@ struct cmd *cmd_alloc(enum cmd_ops op, enum cmd_obj obj,
 	cmd->handle   = *h;
 	cmd->location = *loc;
 	cmd->data     = data;
+	cmd->attr     = xzalloc_array(NFT_NLATTR_LOC_MAX,
+				      sizeof(struct nlerr_loc));
+	cmd->attr_array_len = NFT_NLATTR_LOC_MAX;
 	init_list_head(&cmd->collapse_list);
 
 	return cmd;
@@ -1286,8 +1289,10 @@ struct cmd *cmd_alloc(enum cmd_ops op, enum cmd_obj obj,
 
 void cmd_add_loc(struct cmd *cmd, uint16_t offset, const struct location *loc)
 {
-	if (cmd->num_attrs >= NFT_NLATTR_LOC_MAX)
-		return;
+	if (cmd->num_attrs >= cmd->attr_array_len) {
+		cmd->attr_array_len *= 2;
+		cmd->attr = xrealloc(cmd->attr, sizeof(struct nlerr_loc) * cmd->attr_array_len);
+	}
 
 	cmd->attr[cmd->num_attrs].offset = offset;
 	cmd->attr[cmd->num_attrs].location = loc;
@@ -1537,6 +1542,7 @@ void cmd_free(struct cmd *cmd)
 			BUG("invalid command object type %u\n", cmd->obj);
 		}
 	}
+	xfree(cmd->attr);
 	xfree(cmd->arg);
 	xfree(cmd);
 }