> + if (pt->validation_type == NLA_VALIDATE_RANGE_WARN_TOO_LONG &&
> + pt->type == NLA_BINARY && value > range.max) {
> + pr_warn_ratelimited("netlink: '%s': attribute type %d has an
> invalid length.\n",
> + current->comm, pt->type);
> + if (validate & NL_VALIDATE_STRICT_ATTRS) {
> + NL_SET_ERR_MSG_ATTR(extack, nla,
> + "invalid attribute length");
> + return -EINVAL;
> + }
> +
> + /* this assumes min < max (don't validate against min) */
> + return 0;
This (return 0) is the only change since the RFC - otherwise we hit the
error return a few lines later, obviously.
I decided that min > max was nonsense and we don't really need to
validate that the attribute is >=min when it was >max already.
Though in theory, of course, somebody could specify such nonsense, I
just don't think it's reasonable. It's also very difficult to use
because we only have the NLA_POLICY_EXACT_LEN_WARN() macro using this,
so specifying min/max *and* NLA_VALIDATE_RANGE_WARN_TOO_LONG would take
some special dedication ...
Now that I read this again though of course I see that the comment is
wrong, it needs to of course say "min <= max". I'll send v2...
johannes
