From 117f033c413820739e6679c926a39a5b3f45ff79 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sun, 4 Apr 2010 02:32:35 +0200 Subject: check source of the netlink message and fix sequence tracking logic This patch changes the callback handlers to include netlink portID checking. Thus, we avoid that any malicious process can spoof messages. If portid, sequence number of the message is != 0, we check if the message is what we expect. This allows to use the same netlink channel for dumps (portid, seq != 0) and event-based notifications (portid, seq == 0). Signed-off-by: Pablo Neira Ayuso --- examples/rtnl-link-dump.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'examples/rtnl-link-dump.c') diff --git a/examples/rtnl-link-dump.c b/examples/rtnl-link-dump.c index 9e3f114..42843aa 100644 --- a/examples/rtnl-link-dump.c +++ b/examples/rtnl-link-dump.c @@ -69,7 +69,7 @@ int main() struct nlmsghdr *nlh; struct rtgenmsg *rt; int ret; - unsigned int seq; + unsigned int seq, portid; nlh = mnl_nlmsg_put_header(buf); nlh->nlmsg_type = RTM_GETLINK; @@ -88,6 +88,7 @@ int main() perror("mnl_socket_bind"); exit(EXIT_FAILURE); } + portid = mnl_socket_get_portid(nl); if (mnl_socket_sendto(nl, nlh, mnl_nlmsg_get_len(nlh)) < 0) { perror("mnl_socket_send"); @@ -96,7 +97,7 @@ int main() ret = mnl_socket_recvfrom(nl, buf, sizeof(buf)); while (ret > 0) { - ret = mnl_cb_run(buf, ret, seq, data_cb, NULL); + ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL); if (ret <= MNL_CB_STOP) break; ret = mnl_socket_recvfrom(nl, buf, sizeof(buf)); -- cgit v1.2.3