netfilter: nfnetlink_acct: return -EINVAL if object name is empty

If user-space tries to create accounting object with an empty
name, then return -EINVAL.

Reported-by: Michael Zintakis <michael.zintakis@googlemail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c
index 589d686f0b4cbe0f25b785790dfeba9bf1a13d98..dc3fd5d44464a3ca7cdc5ed68d52ec71256b0cc2 100644 (file)
--- a/net/netfilter/nfnetlink_acct.c
+++ b/net/netfilter/nfnetlink_acct.c
@@ -49,6 +49,8 @@ nfnl_acct_new(struct sock *nfnl, struct sk_buff *skb,
                return -EINVAL;
 
        acct_name = nla_data(tb[NFACCT_NAME]);
+       if (strlen(acct_name) == 0)
+               return -EINVAL;
 
        list_for_each_entry(nfacct, &nfnl_acct_list, head) {
                if (strncmp(nfacct->name, acct_name, NFACCT_NAME_MAX) != 0)