From 6854ec003b42cf02d4b40c0942d49ede9f6d94c0 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 19 Feb 2020 12:00:31 +0100 Subject: [PATCH] src: Fix for reading garbage in nftnl_chain getters Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1758673 Upstream Status: libnftnl commit 629ee38dca486 commit 629ee38dca48651bc8c0eedf2f3a0066a6c0aa5b Author: Phil Sutter Date: Fri Feb 14 18:20:29 2020 +0100 src: Fix for reading garbage in nftnl_chain getters In {s,u}{32,64} type getters nftnl_assert() is called to make sure returned data length matches expectations. Therefore all attributes must set data_len, which NFTNL_CHAIN_DEVICES didn't. While being at it, do the same change for NFTNL_FLOWTABLE_DEVICES as well to make code a bit more consistent although the problem was fixed for flowtables with commit f8eed54150fd4 ("flowtable: Fix for reading garbage") already (but in the other direction). Fixes: e3ac19b5ec162 ("chain: multi-device support") Signed-off-by: Phil Sutter --- src/chain.c | 1 + src/flowtable.c | 1 + 2 files changed, 2 insertions(+) diff --git a/src/chain.c b/src/chain.c index b9a16fc..6e90763 100644 --- a/src/chain.c +++ b/src/chain.c @@ -365,6 +365,7 @@ const void *nftnl_chain_get_data(const struct nftnl_chain *c, uint16_t attr, *data_len = strlen(c->dev) + 1; return c->dev; case NFTNL_CHAIN_DEVICES: + *data_len = 0; return &c->dev_array[0]; } return NULL; diff --git a/src/flowtable.c b/src/flowtable.c index 9ba3b6d..bf3e443 100644 --- a/src/flowtable.c +++ b/src/flowtable.c @@ -231,6 +231,7 @@ const void *nftnl_flowtable_get_data(const struct nftnl_flowtable *c, *data_len = sizeof(int32_t); return &c->family; case NFTNL_FLOWTABLE_DEVICES: + *data_len = 0; return &c->dev_array[0]; case NFTNL_FLOWTABLE_SIZE: *data_len = sizeof(int32_t); -- 1.8.3.1