authorArturo Borrero <arturo.borrero.glez@gmail.com>2014-02-26 19:13:26 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2014-02-27 10:35:08 +0100
commitcfe671fa741c9669cadc5dfbf9ae63eb440601cf (patch)
treeeadb2e1a0242a4a49808327efa1e05bc19f8726f
parent313c702ad8700ee5a959d81fd5b2da38e161c278 (diff)
src: check if netlink parsing fails
We have to check if mnl_attr_parse() returns an error, which means that it failed to validate and retrieve the attributes. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--examples/nft-compat-get.c3
-rw-r--r--src/chain.c14
-rw-r--r--src/rule.c4
-rw-r--r--src/set.c7
-rw-r--r--src/set_elem.c11
-rw-r--r--src/table.c4
6 files changed, 32 insertions, 11 deletions
diff --git a/examples/nft-compat-get.c b/examples/nft-compat-get.c
index 3294028..8f00cbf 100644
--- a/examples/nft-compat-get.c
+++ b/examples/nft-compat-get.c
@@ -51,7 +51,8 @@ static int cb(const struct nlmsghdr *nlh, void *data)
struct nlattr *tb[NFTA_COMPAT_MAX+1] = {};
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
- mnl_attr_parse(nlh, sizeof(*nfg), data_attr_cb, tb);
+ if (mnl_attr_parse(nlh, sizeof(*nfg), data_attr_cb, tb) < 0)
+ return MNL_CB_ERROR;
if (tb[NFTA_COMPAT_NAME])
printf("name=%s ", mnl_attr_get_str(tb[NFTA_COMPAT_NAME]));
diff --git a/src/chain.c b/src/chain.c
index 33540b1..ca71069 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -502,7 +502,9 @@ int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *c)
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
int ret = 0;
- mnl_attr_parse(nlh, sizeof(*nfg), nft_chain_parse_attr_cb, tb);
+ if (mnl_attr_parse(nlh, sizeof(*nfg), nft_chain_parse_attr_cb, tb) < 0)
+ return -1;
+
if (tb[NFTA_CHAIN_NAME]) {
strncpy(c->name, mnl_attr_get_str(tb[NFTA_CHAIN_NAME]),
NFT_CHAIN_MAXNAMELEN);
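Review bot: The `strncpy` into `c->name` just below the new check copies up to `NFT_CHAIN_MAXNAMELEN` bytes and leaves the destination without a terminating NUL when the attribute string is that long or longer. If `c->name` is declared with exactly that size (its declaration is not in this hunk), a later `%s` print or `strlen` on it would read past the array. Since this commit already tightens handling of message contents, consider adding `c->name[NFT_CHAIN_MAXNAMELEN - 1] = '\0';` after the copy. The function body starts and continues outside the hunk.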
@@ -512,8 +514,11 @@ int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *c)
c->table = strdup(mnl_attr_get_str(tb[NFTA_CHAIN_TABLE]));
c->flags |= (1 << NFT_CHAIN_ATTR_TABLE);
}
- if (tb[NFTA_CHAIN_HOOK])
+ if (tb[NFTA_CHAIN_HOOK]) {
ret = nft_chain_parse_hook(tb[NFTA_CHAIN_HOOK], c);
+ if (ret < 0)
+ return ret;
+ }
if (tb[NFTA_CHAIN_POLICY]) {
c->policy = ntohl(mnl_attr_get_u32(tb[NFTA_CHAIN_POLICY]));
c->flags |= (1 << NFT_CHAIN_ATTR_POLICY);
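Review bot: The new `return ret;` after `nft_chain_parse_hook()` exits with `c` half-filled, because `c->table` has already been allocated by `strdup` and its flag bit set a few lines above. The same holds for the `return ret;` added after `nft_chain_parse_counters()` in the next hunk. That is safe only if every caller releases the chain on failure, and nothing in the visible code states that contract. A comment above the function such as `/* Returns -1 on malformed input; c may be partially populated and must still be freed by the caller. */` would make it explicit. The function starts and ends outside this hunk.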
@@ -522,8 +527,11 @@ int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *c)
c->use = ntohl(mnl_attr_get_u32(tb[NFTA_CHAIN_USE]));
c->flags |= (1 << NFT_CHAIN_ATTR_USE);
}
- if (tb[NFTA_CHAIN_COUNTERS])
+ if (tb[NFTA_CHAIN_COUNTERS]) {
ret = nft_chain_parse_counters(tb[NFTA_CHAIN_COUNTERS], c);
+ if (ret < 0)
+ return ret;
+ }
if (tb[NFTA_CHAIN_HANDLE]) {
c->handle = be64toh(mnl_attr_get_u64(tb[NFTA_CHAIN_HANDLE]));
c->flags |= (1 << NFT_CHAIN_ATTR_HANDLE);
diff --git a/src/rule.c b/src/rule.c
index adb7426..eb9f41c 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -455,7 +455,9 @@ int nft_rule_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_rule *r)
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
int ret = 0;
- mnl_attr_parse(nlh, sizeof(*nfg), nft_rule_parse_attr_cb, tb);
+ if (mnl_attr_parse(nlh, sizeof(*nfg), nft_rule_parse_attr_cb, tb) < 0)
+ return -1;
+
if (tb[NFTA_RULE_TABLE]) {
r->table = strdup(mnl_attr_get_str(tb[NFTA_RULE_TABLE]));
r->flags |= (1 << NFT_RULE_ATTR_TABLE);
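Review bot: The `strdup()` result on the line after the new check is not tested for NULL, yet `NFT_RULE_ATTR_TABLE` is set in `r->flags` regardless, so on allocation failure the flag advertises an attribute whose pointer is null. Any code that trusts the flag before dereferencing `r->table` (not visible here) would then crash. The same unchecked `strdup` appears in the context lines of the src/chain.c, src/set.c, src/set_elem.c and src/table.c hunks. Since this commit is about propagating parse failures, consider `if (r->table == NULL) return -1;` before the flag is set. The function body continues outside the hunk.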
diff --git a/src/set.c b/src/set.c
index ef10af5..368d069 100644
--- a/src/set.c
+++ b/src/set.c
@@ -281,9 +281,10 @@ int nft_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s)
{
struct nlattr *tb[NFTA_SET_MAX+1] = {};
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
- int ret = 0;
- mnl_attr_parse(nlh, sizeof(*nfg), nft_set_parse_attr_cb, tb);
+ if (mnl_attr_parse(nlh, sizeof(*nfg), nft_set_parse_attr_cb, tb) < 0)
+ return -1;
+
if (tb[NFTA_SET_TABLE]) {
s->table = strdup(mnl_attr_get_str(tb[NFTA_SET_TABLE]));
s->flags |= (1 << NFT_SET_ATTR_TABLE);
@@ -315,7 +316,7 @@ int nft_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s)
s->family = nfg->nfgen_family;
s->flags |= (1 << NFT_SET_ATTR_FAMILY);
- return ret;
+ return 0;
}
EXPORT_SYMBOL(nft_set_nlmsg_parse);
diff --git a/src/set_elem.c b/src/set_elem.c
index 79fc641..ff2c9d5 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -252,7 +252,11 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
if (e == NULL)
return -1;
- mnl_attr_parse_nested(nest, nft_set_elem_parse_attr_cb, tb);
+ if (mnl_attr_parse_nested(nest, nft_set_elem_parse_attr_cb, tb) < 0) {
+ nft_set_elem_free(e);
+ return -1;
+ }
+
if (tb[NFTA_SET_ELEM_FLAGS]) {
e->set_elem_flags =
ntohl(mnl_attr_get_u32(tb[NFTA_SET_ELEM_FLAGS]));
@@ -338,7 +342,10 @@ int nft_set_elems_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s)
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
int ret = 0;
- mnl_attr_parse(nlh, sizeof(*nfg), nft_set_elem_list_parse_attr_cb, tb);
+ if (mnl_attr_parse(nlh, sizeof(*nfg),
+ nft_set_elem_list_parse_attr_cb, tb) < 0)
+ return -1;
+
if (tb[NFTA_SET_ELEM_LIST_TABLE]) {
s->table =
strdup(mnl_attr_get_str(tb[NFTA_SET_ELEM_LIST_TABLE]));
diff --git a/src/table.c b/src/table.c
index 0299209..7a85b9e 100644
--- a/src/table.c
+++ b/src/table.c
@@ -234,7 +234,9 @@ int nft_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_table *t)
struct nlattr *tb[NFTA_TABLE_MAX+1] = {};
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
- mnl_attr_parse(nlh, sizeof(*nfg), nft_table_parse_attr_cb, tb);
+ if (mnl_attr_parse(nlh, sizeof(*nfg), nft_table_parse_attr_cb, tb) < 0)
+ return -1;
+
if (tb[NFTA_TABLE_NAME]) {
t->name = strdup(mnl_attr_get_str(tb[NFTA_TABLE_NAME]));
t->flags |= (1 << NFT_TABLE_ATTR_NAME);