Hi, <br><br>I have been using libnl's generic netlink support for my user application. I found the following bug, where nlmsg_ok() in lib/msg.c would incorrectly return 'true' when the input argument 'remaining' was a negative number. This happens when the message is not aligned the way that libnl expects (although it is still legal). <br>
<br>In the comparison of the signed and unsigned numbers on line 284, the signed number gets converted to an unsigned number, which is unexpected and naturally produces a bug. My patch is below. The cast is ugly, but it fixes the problem. <br>
<br>Marc <br><br>---------------<br><br>diff --git a/lib/msg.c b/lib/msg.c<br>index 22761a0..01779b1 100644<br>--- a/lib/msg.c<br>+++ b/lib/msg.c<br><br>@@ -284,7 +284,7 @@ int nlmsg_valid_hdr(const struct nlmsghdr *nlh, int hdrlen)<br>
*/<br> int nlmsg_ok(const struct nlmsghdr *nlh, int remaining)<br> {<br>- return (remaining >= sizeof(struct nlmsghdr) &&<br>+ return (remaining >= (int)sizeof(struct nlmsghdr) &&<br> nlh->nlmsg_len >= sizeof(struct nlmsghdr) &&<br>
nlh->nlmsg_len <= remaining);<br> }<br><br>
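Review bot: the last test in the return expression, `nlh->nlmsg_len <= remaining`, still compares the signed `remaining` against `nlmsg_len` without a cast, the same kind of mixed comparison that the cast removes from the first test. It is safe only because `&&` short-circuits: the last test is reached only after `remaining >= (int)sizeof(struct nlmsghdr)` has established that `remaining` is positive. Either add a comment stating that the order of the three tests matters, or make the dependency explicit by writing the last test as `nlh->nlmsg_len <= (unsigned int)remaining`, so that a later reordering cannot bring back acceptance of a negative `remaining`. The doc comment above nlmsg_ok() could also say that a negative `remaining` returns false. <br>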