Browse Source

Fix netlink payload length calculation

nlmsghdr length needs to be removed from payload length. [Bug 341]
Jouni Malinen 15 years ago
parent
commit
3b31db5199

+ 1 - 1
src/drivers/driver_atheros.c

@@ -952,7 +952,7 @@ madwifi_wireless_event_rtm_newlink(struct madwifi_driver_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 

+ 1 - 1
src/drivers/driver_hostap.c

@@ -922,7 +922,7 @@ static void hostapd_wireless_event_rtm_newlink(struct hostap_driver_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 

+ 1 - 1
src/drivers/driver_madwifi.c

@@ -1022,7 +1022,7 @@ madwifi_wireless_event_rtm_newlink(struct madwifi_driver_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 

+ 3 - 3
src/drivers/driver_nl80211.c

@@ -425,7 +425,7 @@ static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
 
 	_nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - _nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return 0;
 
@@ -504,7 +504,7 @@ static void wpa_driver_nl80211_event_rtm_newlink(struct wpa_driver_nl80211_data
 
 	_nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - _nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 
@@ -538,7 +538,7 @@ static void wpa_driver_nl80211_event_rtm_dellink(struct wpa_driver_nl80211_data
 
 	_nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - _nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 

+ 1 - 1
src/drivers/driver_ralink.c

@@ -764,7 +764,7 @@ wpa_driver_ralink_event_rtm_newlink(struct wpa_driver_ralink_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	wpa_printf(MSG_DEBUG, "attrlen=%d", attrlen);
 	if (attrlen < 0)
 		return;

+ 3 - 3
src/drivers/driver_wext.c

@@ -637,7 +637,7 @@ static int wpa_driver_wext_own_ifname(struct wpa_driver_wext_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return 0;
 
@@ -716,7 +716,7 @@ static void wpa_driver_wext_event_rtm_newlink(struct wpa_driver_wext_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 
@@ -753,7 +753,7 @@ static void wpa_driver_wext_event_rtm_dellink(struct wpa_driver_wext_data *drv,
 
 	nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
 
-	attrlen = h->nlmsg_len - nlmsg_len;
+	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
 	if (attrlen < 0)
 		return;
 

+ 3 - 0
src/drivers/priv_netlink.h

@@ -53,8 +53,11 @@
 
 #define NLMSG_ALIGNTO 4
 #define NLMSG_ALIGN(len) (((len) + NLMSG_ALIGNTO - 1) & ~(NLMSG_ALIGNTO - 1))
+#define NLMSG_HDRLEN ((int) NLMSG_ALIGN(sizeof(struct nlmsghdr)))
 #define NLMSG_LENGTH(len) ((len) + NLMSG_ALIGN(sizeof(struct nlmsghdr)))
+#define NLMSG_SPACE(len) NLMSG_ALIGN(NLMSG_LENGTH(len))
 #define NLMSG_DATA(nlh) ((void*) (((char*) nlh) + NLMSG_LENGTH(0)))
+#define NLMSG_PAYLOAD(nlh,len) ((nlh)->nlmsg_len - NLMSG_SPACE((len)))
 
 #define RTA_ALIGNTO 4
 #define RTA_ALIGN(len) (((len) + RTA_ALIGNTO - 1) & ~(RTA_ALIGNTO - 1))