From 13f42a71e49164769a98fc51033c65a211861404 Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik
Date: Thu, 20 Jan 2011 17:54:26 +0100
Subject: Enforce network-order data in the netlink protocol

Allow only network-order data, with NLA_F_NET_BYTEORDER flag. Sanity checks also added to prevent processing broken messages where mandatory attributes are missing. (Patrick McHardy's review)
---
 kernel/ip_set_bitmap_ip.c | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)
(limited to 'kernel/ip_set_bitmap_ip.c')
diff --git a/kernel/ip_set_bitmap_ip.c b/kernel/ip_set_bitmap_ip.c
index 7806ecc..30db991 100644
--- a/kernel/ip_set_bitmap_ip.c
+++ b/kernel/ip_set_bitmap_ip.c
@@ -121,10 +121,13 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *head, int len,
 bitmap_ip_adt_policy))
 return -IPSET_ERR_PROTOCOL;
 
+ if (unlikely(!tb[IPSET_ATTR_IP]))
+ return -IPSET_ERR_PROTOCOL;
+
 if (tb[IPSET_ATTR_LINENO])
 *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]);
 
- ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP, &ip);
+ ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP], &ip);
 if (ret)
 return ret;
 
@@ -140,7 +143,7 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *head, int len,
 return bitmap_ip_test(map, ip_to_id(map, ip));
 
 if (tb[IPSET_ATTR_IP_TO]) {
- ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP_TO, &ip_to);
+ ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to);
 if (ret)
 return ret;
 if (ip > ip_to) {
@@ -359,10 +362,14 @@ bitmap_ip_timeout_uadt(struct ip_set *set, struct nlattr *head, int len,
 bitmap_ip_adt_policy))
 return -IPSET_ERR_PROTOCOL;
 
+ if (unlikely(!tb[IPSET_ATTR_IP] ||
+ !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT)))
+ return -IPSET_ERR_PROTOCOL;
+
 if (tb[IPSET_ATTR_LINENO])
 *lineno = nla_get_u32(tb[IPSET_ATTR_LINENO]);
 
- ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP, &ip);
+ ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP], &ip);
 if (ret)
 return ret;
 
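Review bot: The new `!tb[IPSET_ATTR_IP]` test in bitmap_ip_uadt() (hunk at -121) is now the only visible guard between a message lacking that attribute and `ip_set_get_hostipaddr4()`, which after this change receives the attribute pointer itself instead of the table and index, and nothing at the call site records that dependency. A one-line comment above the check would do, for example `/* IPSET_ATTR_IP is mandatory: it is handed straight to ip_set_get_hostipaddr4() */`. Whether the helper tolerates a NULL attribute on its own is not visible on this page, so the wording should be confirmed against its definition. The same applies to the combined guards added in bitmap_ip_timeout_uadt() and bitmap_ip_create(); all three function bodies start and end outside their hunks.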
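Review bot: `IPSET_ATTR_LINENO` is still read with a bare `nla_get_u32()` directly after the new guard in bitmap_ip_timeout_uadt() (hunk at -359), while the guard requires `IPSET_ATTR_TIMEOUT` to pass `ip_set_optattr_netorder()`; the commit title says network-order data is enforced, so the exception should be stated. If the line number is host-order by protocol design, say so with `/* lineno is host byte order by design, not covered by the netorder check */`; if it is not, the guard presumably needs `!ip_set_optattr_netorder(tb, IPSET_ATTR_LINENO)` as well. bitmap_ip_uadt() in the first hunk reads LINENO the same way. The function body continues outside the hunk.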
@@ -374,7 +381,7 @@ bitmap_ip_timeout_uadt(struct ip_set *set, struct nlattr *head, int len,
 ip_to_id((const struct bitmap_ip *)map, ip));
 
 if (tb[IPSET_ATTR_IP_TO]) {
- ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP_TO, &ip_to);
+ ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to);
 if (ret)
 return ret;
 if (ip > ip_to) {
@@ -598,12 +605,16 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
 bitmap_ip_create_policy))
 return -IPSET_ERR_PROTOCOL;
 
- ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP, &first_ip);
+ if (unlikely(!tb[IPSET_ATTR_IP] ||
+ !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT)))
+ return -IPSET_ERR_PROTOCOL;
+
+ ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP], &first_ip);
 if (ret)
 return ret;
 
 if (tb[IPSET_ATTR_IP_TO]) {
- ret = ip_set_get_hostipaddr4(tb, IPSET_ATTR_IP_TO, &last_ip);
+ ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &last_ip);
 if (ret)
 return ret;
 if (first_ip > last_ip) {
--
cgit v1.2.3