diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2019-01-10 21:00:16 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2019-01-10 21:00:16 +0100 |
commit | c0886661ee90d7cfd8ef1d2c5be7c1c9944577e1 (patch) | |
tree | 7e61ab4083390cf6a5bd9e27b96f854a2f306856 | |
parent | 8eaaf16019a0bde44959654faa93c417f1973d9c (diff) |
Fix the last missing check of nla_parse()
In dump_init() the outdated comment was incorrect and we had a missing
validation check of nla_parse().
-rw-r--r-- | kernel/net/netfilter/ipset/ip_set_core.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c index a3739be..0a03f69 100644 --- a/kernel/net/netfilter/ipset/ip_set_core.c +++ b/kernel/net/netfilter/ipset/ip_set_core.c @@ -1303,10 +1303,13 @@ dump_init(struct netlink_callback *cb, struct ip_set_net *inst) struct nlattr *attr = (void *)nlh + min_len; u32 dump_type; ip_set_id_t index; + int ret; - /* Second pass, so parser can't fail */ - NLA_PARSE(cda, IPSET_ATTR_CMD_MAX, attr, nlh->nlmsg_len - min_len, - ip_set_setname_policy, NULL); + ret = NLA_PARSE(cda, IPSET_ATTR_CMD_MAX, attr, + nlh->nlmsg_len - min_len, + ip_set_setname_policy, NULL); + if (ret) + return ret; cb->args[IPSET_CB_PROTO] = nla_get_u8(cda[IPSET_ATTR_PROTOCOL]); if (cda[IPSET_ATTR_SETNAME]) { |