The maximum netlink message length (nlh->nlmsg_len) is uint32_t; struct
nlerr_loc stores the offset to the netlink attribute, which must be
uint32_t, not uint16_t.
While at it, remove the check for a zero netlink attribute offset in
nft_cmd_error(), which should never happen; likely this check was
there to prevent the uint16_t offset overflow.
Fixes: f8aec603aa7e ("src: initial extended netlink error reporting")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
#define NFT_NLATTR_LOC_MAX 32
struct nlerr_loc {
- uint16_t offset;
+ uint32_t offset;
const struct location *location;
};
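Review bot: widening `offset` in struct nlerr_loc only removes the truncation if the value reaches this field without passing through a narrower type, and the code that stores into it is not part of this patch. Please confirm that the function recording the attribute location takes and computes the offset as uint32_t end to end (no uint16_t parameter or local), otherwise offsets past 65535 will still wrap before they land here. A one-line comment on the field saying it is a byte offset into the netlink message, bounded by nlmsg_len, would make the reason for the width obvious to the next reader.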
uint32_t i;
for (i = 0; i < cmd->num_attrs; i++) {
- if (!cmd->attr[i].offset)
- break;
if (cmd->attr[i].offset == err->offset)
loc = cmd->attr[i].location;
}
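Review bot: with the `!cmd->attr[i].offset` early exit gone, the loop in nft_cmd_error() depends entirely on `cmd->num_attrs` counting only initialized entries and never exceeding NFT_NLATTR_LOC_MAX; it would help to state or assert that invariant where attributes are recorded, since a stale zero-offset slot would now be compared against `err->offset` instead of ending the scan. Separately, the loop keeps iterating after `loc` is assigned, so if two entries carry the same offset the later one silently wins; if the first match is the intended one, add a `break` after the assignment, and if last-match is intended, a short comment saying so would help.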