netfilter: ebtables: do centralized size checking

[safe/jmp/linux-2.6] / net / bridge / netfilter / ebt_vlan.c

diff --git a/net/bridge/netfilter/ebt_vlan.c b/net/bridge/netfilter/ebt_vlan.c
index ab60b0d..4dba47a 100644 (file)
--- a/net/bridge/netfilter/ebt_vlan.c
+++ b/net/bridge/netfilter/ebt_vlan.c
@@ -22,6 +22,7 @@
 #include <linux/if_vlan.h>
 #include <linux/module.h>
 #include <linux/moduleparam.h>
+#include <linux/netfilter/x_tables.h>
 #include <linux/netfilter_bridge/ebtables.h>
 #include <linux/netfilter_bridge/ebt_vlan.h>
 
@@ -93,14 +94,6 @@ ebt_check_vlan(const char *tablename,
 {
        struct ebt_vlan_info *info = data;
 
-       /* Parameters buffer overflow check */
-       if (datalen != EBT_ALIGN(sizeof(struct ebt_vlan_info))) {
-               DEBUG_MSG
-                   ("passed size %d is not eq to ebt_vlan_info (%Zd)\n",
-                    datalen, sizeof(struct ebt_vlan_info));
-               return -EINVAL;
-       }
-
        /* Is it 802.1Q frame checked? */
        if (e->ethproto != htons(ETH_P_8021Q)) {
                DEBUG_MSG
@@ -173,6 +166,7 @@ static struct ebt_match filter_vlan __read_mostly = {
        .name           = EBT_VLAN_MATCH,
        .match          = ebt_filter_vlan,
        .check          = ebt_check_vlan,
+       .matchsize      = XT_ALIGN(sizeof(struct ebt_vlan_info)),
        .me             = THIS_MODULE,
 };