¡Hola!
> > > Is there a point in allowing a too-big buffer? I know that
> > > getpeername() and getsockname() do, but it's an indication of an error
> > > on the user code, to me.
> > Hm. This sounds like an issue of interpretation. I have the following
> > opinion: As long as there's enough space for netfilter/iptables to write
> > its data in: don't care.
> > The reason of this check is to know we have enough space.. isn't it?
> Not really. You could just copy, and if it fails, return -EFAULT.
> I feel the point of that argument is to indicate the size of the
> buffer. We have a chance to catch coding errors; I feel the
> getsockname/getpeername approach is wrong (truncate results if too
> short, don't care if too long). Unless someone can come up with a
> compelling reason, why change?
About truncating, i think like you, but for longer than needed it's
ok to don't care and set namelen, because how is else the user know
how big it is beforehand? (ie, different PF == different lens)
> Rusty.
HoraPe
---
Horacio J. Peña
horape@xxxxxxxxxxxxxxxxx
horape@xxxxxxxxxx
bofh@xxxxxxxxxxxxxx
horape@xxxxxxxxxxx
|