diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-01-20 17:54:26 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2011-01-20 17:54:26 +0100 |
commit | 13f42a71e49164769a98fc51033c65a211861404 (patch) | |
tree | 966741c7765a2cf866f3a67ca4a432178eadfabe /kernel/ip_set_hash_ip.c | |
parent | c8396bdc040f4b16e6f6e3f8b81b9fb67a499d9c (diff) |
Enforce network-order data in the netlink protocol
Allow only network-order data, with NLA_F_NET_BYTEORDER flag.
Sanity checks also added to prevent processing broken messages
where mandatory attributes are missing. (Patrick McHardy's review)
Diffstat (limited to 'kernel/ip_set_hash_ip.c')
-rw-r--r-- | kernel/ip_set_hash_ip.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/kernel/ip_set_hash_ip.c b/kernel/ip_set_hash_ip.c index e8ae8a5..21ace91 100644 --- a/kernel/ip_set_hash_ip.c +++ b/kernel/ip_set_hash_ip.c @@ -156,10 +156,14 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *head, int len, hash_ip4_adt_policy)) return -IPSET_ERR_PROTOCOL; + if (unlikely(!tb[IPSET_ATTR_IP] || + !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT))) + return -IPSET_ERR_PROTOCOL; + if (tb[IPSET_ATTR_LINENO]) *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]); - ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP, &ip); + ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP], &ip); if (ret) return ret; @@ -179,7 +183,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *head, int len, } if (tb[IPSET_ATTR_IP_TO]) { - ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP_TO, &ip_to); + ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to); if (ret) return ret; if (ip > ip_to) @@ -346,10 +350,14 @@ hash_ip6_uadt(struct ip_set *set, struct nlattr *head, int len, hash_ip6_adt_policy)) return -IPSET_ERR_PROTOCOL; + if (unlikely(!tb[IPSET_ATTR_IP] || + !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT))) + return -IPSET_ERR_PROTOCOL; + if (tb[IPSET_ATTR_LINENO]) *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]); - ret = ip_set_get_ipaddr6(tb, IPSET_ATTR_IP, &ip); + ret = ip_set_get_ipaddr6(tb[IPSET_ATTR_IP], &ip); if (ret) return ret; @@ -398,6 +406,11 @@ hash_ip_create(struct ip_set *set, struct nlattr *head, int len, u32 flags) hash_ip_create_policy)) return -IPSET_ERR_PROTOCOL; + if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) || + !ip_set_optattr_netorder(tb, IPSET_ATTR_MAXELEM) || + !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT))) + return -IPSET_ERR_PROTOCOL; + if (tb[IPSET_ATTR_HASHSIZE]) { hashsize = ip_set_get_h32(tb[IPSET_ATTR_HASHSIZE]); if (hashsize < IPSET_MIMINAL_HASHSIZE) |