diff options
| author |   Jan Engelhardt <jengelh@medozas.de> | 2008-10-08 11:35:13 +0200 |
|---|---|---|
| committer |   Patrick McHardy <kaber@trash.net> | 2008-10-08 11:35:13 +0200 |
| commit | 18219d3f7d6a5bc43825a41e0763158efbdb80d3 (patch) | |
| tree | aca133d934ec93fc441d5a26937b2428d23573bd /net/bridge/netfilter/ebt_vlan.c | |
| parent | netfilter: Add documentation for tproxy (diff) | |
| download | linux-dev-18219d3f7d6a5bc43825a41e0763158efbdb80d3.tar.xz linux-dev-18219d3f7d6a5bc43825a41e0763158efbdb80d3.zip | |
netfilter: ebtables: do centralized size checking
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/bridge/netfilter/ebt_vlan.c')
| -rw-r--r-- | net/bridge/netfilter/ebt_vlan.c | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/net/bridge/netfilter/ebt_vlan.c b/net/bridge/netfilter/ebt_vlan.c index ab60b0dade80..4dba47aefc8a 100644 --- a/net/bridge/netfilter/ebt_vlan.c +++ b/net/bridge/netfilter/ebt_vlan.c @@ -22,6 +22,7 @@ #include <linux/if_vlan.h> #include <linux/module.h> #include <linux/moduleparam.h> +#include <linux/netfilter/x_tables.h> #include <linux/netfilter_bridge/ebtables.h> #include <linux/netfilter_bridge/ebt_vlan.h> @@ -93,14 +94,6 @@ ebt_check_vlan(const char *tablename, { struct ebt_vlan_info *info = data; - /* Parameters buffer overflow check */ - if (datalen != EBT_ALIGN(sizeof(struct ebt_vlan_info))) { - DEBUG_MSG - ("passed size %d is not eq to ebt_vlan_info (%Zd)\n", - datalen, sizeof(struct ebt_vlan_info)); - return -EINVAL; - } - /* Is it 802.1Q frame checked? */ if (e->ethproto != htons(ETH_P_8021Q)) { DEBUG_MSG @@ -173,6 +166,7 @@ static struct ebt_match filter_vlan __read_mostly = { .name = EBT_VLAN_MATCH, .match = ebt_filter_vlan, .check = ebt_check_vlan, + .matchsize = XT_ALIGN(sizeof(struct ebt_vlan_info)), .me = THIS_MODULE, }; |