netfilter: nf_tables: Allow object names of up to 255 chars
Same conversion as for table names, use NFT_NAME_MAXLEN as upper boundary as well. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
parent
387454901b
commit
6150957521
|
@ -1016,7 +1016,7 @@ int nft_verdict_dump(struct sk_buff *skb, int type,
|
|||
*/
|
||||
struct nft_object {
|
||||
struct list_head list;
|
||||
char name[NFT_OBJ_MAXNAMELEN];
|
||||
char *name;
|
||||
struct nft_table *table;
|
||||
u32 genmask:2,
|
||||
use:30;
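Review bot: `char *name` turns the name into a separately allocated string, but nothing at the declaration says who owns it. The kernel-doc block that ends just above `struct nft_object {` should say so on the name field, for example `@name: name of this stateful object (heap-allocated, freed together with the object)`. Moving from an array to a pointer also silently changes the meaning of any `sizeof(obj->name)` or by-value struct copy elsewhere in the tree, which cannot be checked from this hunk. The struct definition and its doc comment both extend outside the hunk.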
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
#define NFT_TABLE_MAXNAMELEN NFT_NAME_MAXLEN
|
||||
#define NFT_CHAIN_MAXNAMELEN NFT_NAME_MAXLEN
|
||||
#define NFT_SET_MAXNAMELEN NFT_NAME_MAXLEN
|
||||
#define NFT_OBJ_MAXNAMELEN 32
|
||||
#define NFT_OBJ_MAXNAMELEN NFT_NAME_MAXLEN
|
||||
#define NFT_USERDATA_MAXLEN 256
|
||||
|
||||
/**
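Review bot: `NFT_OBJ_MAXNAMELEN` sits among the other name-length defines in what looks like a userspace-visible header, so redefining it from 32 to `NFT_NAME_MAXLEN` changes the size of every buffer that rebuilt programs declare with it. Already-built programs keep their 32-byte buffers and may now be handed longer names in dumps. A comment on the define, such as `/* was 32; older userspace may still size buffers for that */`, would record the hazard for maintainers of consumers that copy object names into fixed-size storage.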
|
||||
|
|
|
@ -4402,15 +4402,21 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk,
|
|||
goto err1;
|
||||
}
|
||||
obj->table = table;
|
||||
nla_strlcpy(obj->name, nla[NFTA_OBJ_NAME], NFT_OBJ_MAXNAMELEN);
|
||||
obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
|
||||
if (!obj->name) {
|
||||
err = -ENOMEM;
|
||||
goto err2;
|
||||
}
|
||||
|
||||
err = nft_trans_obj_add(&ctx, NFT_MSG_NEWOBJ, obj);
|
||||
if (err < 0)
|
||||
goto err2;
|
||||
goto err3;
|
||||
|
||||
list_add_tail_rcu(&obj->list, &table->objects);
|
||||
table->use++;
|
||||
return 0;
|
||||
err3:
|
||||
kfree(obj->name);
|
||||
err2:
|
||||
if (obj->type->destroy)
|
||||
obj->type->destroy(obj);
|
||||
|
@ -4626,6 +4632,7 @@ static void nft_obj_destroy(struct nft_object *obj)
|
|||
obj->type->destroy(obj);
|
||||
|
||||
module_put(obj->type->owner);
|
||||
kfree(obj->name);
|
||||
kfree(obj);
|
||||
}
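Review bot: In the nf_tables_newobj hunk, `nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL)` duplicates the whole attribute payload, so the name length is no longer bounded at the copy site the way `nla_strlcpy(..., NFT_OBJ_MAXNAMELEN)` bounded it. The limit now rests entirely on the netlink policy entry for `NFTA_OBJ_NAME`, which is not visible here. A comment above the call, `/* length is capped by the NFTA_OBJ_NAME policy entry */`, would keep that dependency in view for anyone who later relaxes the policy. Because the allocation size is chosen by the netlink sender, it is also worth confirming whether plain `GFP_KERNEL` is intended or the memory should be accounted to the caller (`GFP_KERNEL_ACCOUNT`). Both nf_tables_newobj and nft_obj_destroy start outside their hunks, so the remainder of the error path could not be checked.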
|
||||
|
||||
|
|