From: Harald Welte <laforge@gnumonks.org>
Date: Fri, 14 Nov 2003 19:17:45 +0000 (+0000)
Subject: check if received netlink messages are really from the kernel (pid==0)
X-Git-Tag: v1.3.0-rc1~156
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e5105970e87c0c877a6c54c775f83d30f8d7b57c;p=thirdparty%2Fiptables.git

check if received netlink messages are really from the kernel (pid==0)
---

diff --git a/libipq/libipq.c b/libipq/libipq.c
index 709c8a21..a25ad4ce 100644
--- a/libipq/libipq.c
+++ b/libipq/libipq.c
@@ -171,6 +171,10 @@ static ssize_t ipq_netlink_recvfrom(const struct ipq_handle *h,
 		ipq_errno = IPQ_ERR_RECV;
 		return -1;
 	}
+	if (h->peer.nl_pid != 0) {
+		ipq_errno = IPQ_ERR_RECV;
+		return -1;
+	}
 	if (status == 0) {
 		ipq_errno = IPQ_ERR_NLEOF;
 		return -1;