From: Phil Sutter <phil@nwl.cc>
Date: Tue, 7 Oct 2025 15:51:32 +0000 (+0200)
Subject: mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=11b9415fd63d245b1a3230aa4f7cd1e2b0639ddd;p=thirdparty%2Fnftables.git

mnl: Drop asterisk from end of NFTA_DEVICE_PREFIX strings

The asterisk left in place becomes part of the prefix by accident and is thus
both included when matching interface names as well as dumped back to user
space.

Fixes: c31e887504a90 ("mnl: Support simple wildcards in netdev hooks")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/src/mnl.c b/src/mnl.c
index bba34b73..ab4a7dbc 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -815,9 +815,16 @@ static bool is_wildcard_str(const char *str)
 
 static void mnl_nft_attr_put_ifname(struct nlmsghdr *nlh, const char *ifname)
 {
-	uint16_t attr = is_wildcard_str(ifname) ?
-			NFTA_DEVICE_PREFIX : NFTA_DEVICE_NAME;
+	uint16_t attr = NFTA_DEVICE_NAME;
+	char pfx[IFNAMSIZ];
 
+	if (is_wildcard_str(ifname)) {
+		snprintf(pfx, IFNAMSIZ, "%s", ifname);
+		pfx[strlen(pfx) - 1] = '\0';
+
+		attr = NFTA_DEVICE_PREFIX;
+		ifname = pfx;
+	}
 	mnl_attr_put_strz(nlh, attr, ifname);
 }