From a42827b71b87fc9816d2f58626e825b0eb500efe Mon Sep 17 00:00:00 2001
From: Harald Welte <laforge@netfilter.org>
Date: Tue, 9 Aug 2005 20:03:54 -0700
Subject: [PATCH] [NETFILTER]: cleanup nfnetlink_check_attributes()

1) memset return parameter 'cda' (nfattr pointer array) only on success
2) a message without attributes and just a 'struct nfgenmsg' is valid,
   don't return -EINVAL
3) use likely() and unlikely() where apropriate

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
 net/netfilter/nfnetlink.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 578e4fe40945..84efffdbade3 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -163,17 +163,16 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
 			cb_id, subsys->cb_count);
 		return -EINVAL;
 	}
-	
-	attr_count = subsys->cb[cb_id].attr_count;
-
-	memset(cda, 0, sizeof(struct nfattr *) * attr_count);
 
-	/* check attribute lengths. */
 	min_len = NLMSG_ALIGN(sizeof(struct nfgenmsg));
-	if (nlh->nlmsg_len < min_len)
+	if (unlikely(nlh->nlmsg_len < min_len))
 		return -EINVAL;
 
-	if (nlh->nlmsg_len > min_len) {
+	attr_count = subsys->cb[cb_id].attr_count;
+	memset(cda, 0, sizeof(struct nfattr *) * attr_count);
+
+	/* check attribute lengths. */
+	if (likely(nlh->nlmsg_len > min_len)) {
 		struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh));
 		int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len);
 
@@ -186,8 +185,10 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
 			}
 			attr = NFA_NEXT(attr, attrlen);
 		}
-	} else
-		return -EINVAL;
+	}
+
+	/* implicit: if nlmsg_len == min_len, we return 0, and an empty
+	 * (zeroed) cda[] array. The message is valid, but empty. */
 
         return 0;
 }
-- 
GitLab