libnetlink: don't confuse variables in rtnl_talk()

There is two variables named 'len' in rtnl_talk. In fact, commit
c079e121a73a didn't work. For example, it was possible to trigger
a seg fault with this command:
$ ip link set gre2 type ip6gre hoplimit 32

Let's rename the argument len to maxlen.

Fixes: c079e121a73a ("libnetlink: add size argument to rtnl_talk")
Reported-by: Thomas Faivre <thomas.faivre@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>

diff --git a/lib/libnetlink.c b/lib/libnetlink.c
index 922ec2d9f8722283c3886cd6cfaaffa6e0b110ff..165821447b2d28663168683b6229bce2491f117a 100644 (file)
--- a/lib/libnetlink.c
+++ b/lib/libnetlink.c
@@ -332,7 +332,7 @@ int rtnl_dump_filter_nc(struct rtnl_handle *rth,
 }
 
 int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n,
-             struct nlmsghdr *answer, size_t len)
+             struct nlmsghdr *answer, size_t maxlen)
 {
        int status;
        unsigned seq;
@@ -415,7 +415,7 @@ int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n,
                                } else if (!err->error) {
                                        if (answer)
                                                memcpy(answer, h,
-                                                      MIN(len, h->nlmsg_len));
+                                                      MIN(maxlen, h->nlmsg_len));
                                        return 0;
                                }
 
@@ -427,7 +427,7 @@ int rtnl_talk(struct rtnl_handle *rtnl, struct nlmsghdr *n,
 
                        if (answer) {
                                memcpy(answer, h,
-                                      MIN(len, h->nlmsg_len));
+                                      MIN(maxlen, h->nlmsg_len));
                                return 0;
                        }