netfilter: nf_tables: Allow object names of up to 255 chars

Same conversion as for table names, use NFT_NAME_MAXLEN as upper boundary as well. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2017-07-27 16:56:44 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2017-07-31 20:41:59 +0200
commit: 615095752100748e221028fc96163c2b78185ae4 (patch)
tree: ed3fed47e24762017caa99efbd12bc3513383ee0 /net/netfilter
parent: 387454901bd62022ac1b04e15bd8d4fcc60bbed4 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index e6a07f27b1a3..149785ff1c7b 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4402,15 +4402,21 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk,
 		goto err1;
 	}
 	obj->table = table;
-	nla_strlcpy(obj->name, nla[NFTA_OBJ_NAME], NFT_OBJ_MAXNAMELEN);
+	obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
+	if (!obj->name) {
+		err = -ENOMEM;
+		goto err2;
+	}
 
 	err = nft_trans_obj_add(&ctx, NFT_MSG_NEWOBJ, obj);
 	if (err < 0)
-		goto err2;
+		goto err3;
 
 	list_add_tail_rcu(&obj->list, &table->objects);
 	table->use++;
 	return 0;
+err3:
+	kfree(obj->name);
 err2:
 	if (obj->type->destroy)
 		obj->type->destroy(obj);
@@ -4626,6 +4632,7 @@ static void nft_obj_destroy(struct nft_object *obj)
 		obj->type->destroy(obj);
 
 	module_put(obj->type->owner);
+	kfree(obj->name);
 	kfree(obj);
 }
author	Phil Sutter <phil@nwl.cc>	2017-07-27 16:56:44 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-07-31 20:41:59 +0200
commit	615095752100748e221028fc96163c2b78185ae4 (patch)
tree	ed3fed47e24762017caa99efbd12bc3513383ee0 /net/netfilter
parent	387454901bd62022ac1b04e15bd8d4fcc60bbed4 (diff)