summaryrefslogtreecommitdiff
path: root/include/linux/netfilter.h
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2009-09-30 16:12:20 -0700
committerDavid S. Miller <davem@davemloft.net>2009-09-30 16:12:20 -0700
commitb7058842c940ad2c08dd829b21e5c92ebe3b8758 (patch)
tree5fe78d599fc345ca0bcd4b083b79095a54b2921b /include/linux/netfilter.h
parenteb1cf0f8f7a9e5a6d573d5bd72c015686a042db0 (diff)
downloadlwn-b7058842c940ad2c08dd829b21e5c92ebe3b8758.tar.gz
lwn-b7058842c940ad2c08dd829b21e5c92ebe3b8758.zip
net: Make setsockopt() optlen be unsigned.
This provides safety against negative optlen at the type level instead of depending upon (sometimes non-trivial) checks against this sprinkled all over the the place, in each and every implementation. Based upon work done by Arjan van de Ven and feedback from Linus Torvalds. Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/netfilter.h')
-rw-r--r--include/linux/netfilter.h4
1 files changed, 2 insertions, 2 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 48cfe51bfddc..6132b5e6d9d3 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -221,12 +221,12 @@ __ret;})
/* Call setsockopt() */
int nf_setsockopt(struct sock *sk, u_int8_t pf, int optval, char __user *opt,
- int len);
+ unsigned int len);
int nf_getsockopt(struct sock *sk, u_int8_t pf, int optval, char __user *opt,
int *len);
int compat_nf_setsockopt(struct sock *sk, u_int8_t pf, int optval,
- char __user *opt, int len);
+ char __user *opt, unsigned int len);
int compat_nf_getsockopt(struct sock *sk, u_int8_t pf, int optval,
char __user *opt, int *len);