Patch for unexpectedly aligned messages

Marc de Kruijf mdekruijf at gmail.com
Wed Aug 26 17:28:01 EDT 2009


Hi,

I have been using libnl's generic netlink support for my user
application.  I found the following bug, where nlmsg_ok() in lib/msg.c would
incorrectly return 'true' when the input argument 'remaining' was a negative
number.  This happens when the message is not aligned the way that libnl
expects (although it is still legal).

In the comparison of the signed and unsigned numbers on line 284, the signed
number gets converted to an unsigned number, which is unexpected and
naturally produces a bug.  My patch is below.  The cast is ugly, but it
fixes the problem.

Marc

---------------

diff --git a/lib/msg.c b/lib/msg.c
index 22761a0..01779b1 100644
--- a/lib/msg.c
+++ b/lib/msg.c

@@ -284,7 +284,7 @@ int nlmsg_valid_hdr(const struct nlmsghdr *nlh, int
hdrlen)
  */
 int nlmsg_ok(const struct nlmsghdr *nlh, int remaining)
 {
-       return (remaining >= sizeof(struct nlmsghdr) &&
+       return (remaining >= (int)sizeof(struct nlmsghdr) &&
                nlh->nlmsg_len >= sizeof(struct nlmsghdr) &&
                nlh->nlmsg_len <= remaining);
 }
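Review bot: the last clause, `nlh->nlmsg_len <= remaining`, still compares against the signed `remaining` without a cast, so for a negative `remaining` it is only correct because the newly cast first clause short-circuits before it is reached. Worth either a one-line comment stating that the first clause guards the other two, or making the conversion explicit once the sign has been checked, so that a later reordering of the clauses cannot bring the bug back. The cast in the `+` line is fine as long as it stays on the `sizeof` side, since casting `remaining` to unsigned instead would preserve the bug. Separately, the `@@` header has been line-wrapped by the mailer (`hdrlen)` sits on its own line), so the patch may need to be resent as an attachment or inline without wrapping before it applies cleanly.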
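The signed/unsigned conversion described in the message, as an added example (not code from the post or from libnl): both versions of the check run over a constructed buffer in which an unpadded 17-byte message drives `remaining` to -3. The local `struct nlmsghdr` copy, the `ALIGN4` macro, the `ok_before`/`ok_after` names and the `count_messages()` walker are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Local copy of the 16-byte netlink header layout, so this builds anywhere. */
struct nlmsghdr {
    uint32_t nlmsg_len;
    uint16_t nlmsg_type, nlmsg_flags;
    uint32_t nlmsg_seq, nlmsg_pid;
};
#define ALIGN4(len) (((len) + 3u) & ~3u) /* round up to 4, like NLMSG_ALIGN */

/* The check before the patch: a negative `remaining` is converted to a
 * huge unsigned value in the first and third comparisons. */
static int ok_before(const struct nlmsghdr *nlh, int remaining)
{
    return (remaining >= sizeof(struct nlmsghdr) &&
            nlh->nlmsg_len >= sizeof(struct nlmsghdr) &&
            nlh->nlmsg_len <= remaining);
}
/* The check with the patch's cast: the first comparison is now signed. */
static int ok_after(const struct nlmsghdr *nlh, int remaining)
{
    return (remaining >= (int)sizeof(struct nlmsghdr) &&
            nlh->nlmsg_len >= sizeof(struct nlmsghdr) &&
            nlh->nlmsg_len <= remaining);
}
/* Hypothetical walker: counts accepted messages, stepping by the
 * 4-byte-aligned length of each one. */
static int count_messages(int (*ok)(const struct nlmsghdr *, int))
{
    static uint32_t storage[16];                 /* 64 bytes, 4-byte aligned */
    unsigned char *buf = (unsigned char *)storage;
    struct nlmsghdr first = { .nlmsg_len = 17 }; /* header + 1 byte, unpadded */
    struct nlmsghdr stale = { .nlmsg_len = 16 }; /* constructed leftover bytes */
    int remaining = 17, count = 0;               /* 17 bytes actually received */
    memset(storage, 0, sizeof(storage));
    memcpy(buf, &first, sizeof(first));
    memcpy(buf + 20, &stale, sizeof(stale));     /* lies past the received data */
    const struct nlmsghdr *nlh = (const struct nlmsghdr *)buf;
    while (count < 4 && ok(nlh, remaining)) {
        count++;
        remaining -= (int)ALIGN4(nlh->nlmsg_len); /* first pass: 17 - 20 = -3 */
        nlh = (const struct nlmsghdr *)((const unsigned char *)nlh + ALIGN4(nlh->nlmsg_len));
    }
    return count;
}
int main(void)
{
    return printf("before=%d after=%d\n", count_messages(ok_before), count_messages(ok_after)) < 0;
}
```

With the unpatched check the walker accepts the stale header that lies beyond the 17 received bytes; with the cast it stops after the one real message.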