Check IPSET_ATTR_ETHER netlink attribute length in hash:ipmac too

The explicit length checking was missing, added. Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
author: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2016-10-11 08:02:14 +0200
committer: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> 2016-10-11 08:02:14 +0200
commit: 15d7b6d7a3615c897438955257a7a4f0390ff1d8 (patch)
tree: ebb3a5b6b031630dd3a505b71bba973d685a1366
parent: f7e09f6ca80e8a49f5324d9b441ff09642857150 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c b/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c
index aa99251..d9eb144 100644
--- a/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c
+++ b/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c
@@ -123,6 +123,7 @@ hash_ipmac4_uadt(struct ip_set *set, struct nlattr *tb[],
 
 	if (unlikely(!tb[IPSET_ATTR_IP] ||
 		     !tb[IPSET_ATTR_ETHER] ||
+		     nla_len(tb[IPSET_ATTR_ETHER]) != ETH_ALEN ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_PACKETS) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_BYTES)   ||
@@ -241,6 +242,7 @@ hash_ipmac6_uadt(struct ip_set *set, struct nlattr *tb[],
 
 	if (unlikely(!tb[IPSET_ATTR_IP] ||
 		     !tb[IPSET_ATTR_ETHER] ||
+		     nla_len(tb[IPSET_ATTR_ETHER]) != ETH_ALEN ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_PACKETS) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_BYTES)   ||
author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2016-10-11 08:02:14 +0200
committer	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>	2016-10-11 08:02:14 +0200
commit	15d7b6d7a3615c897438955257a7a4f0390ff1d8 (patch)
tree	ebb3a5b6b031630dd3a505b71bba973d685a1366
parent	f7e09f6ca80e8a49f5324d9b441ff09642857150 (diff)