diff options
| author | David Ahern <dsahern@gmail.com> | 2018-10-07 23:16:34 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-10-08 13:39:04 -0400 |
| commit | 14fc5bb29fe78aaa1777cfee248339497e30c02e (patch) | |
| tree | 89b9c2434b0831514df42c92c5d7ddd9853238b8 | |
| parent | 786e0007e29a58f563bce744e958c692c7cbd435 (diff) | |
rtnetlink: Update ipmr_rtm_dumplink for strict data checking
Update ipmr_rtm_dumplink for strict data checking. If the flag is set,
the dump request is expected to have an ifinfomsg struct as the header.
All elements of the struct are expected to be 0 and no attributes can
be appended.
Signed-off-by: David Ahern <dsahern@gmail.com>
Acked-by: Christian Brauner <christian@brauner.io>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/ipv4/ipmr.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c index 5660adcf7a04..e7322e407bb4 100644 --- a/net/ipv4/ipmr.c +++ b/net/ipv4/ipmr.c | |||
| @@ -2710,6 +2710,31 @@ static bool ipmr_fill_vif(struct mr_table *mrt, u32 vifid, struct sk_buff *skb) | |||
| 2710 | return true; | 2710 | return true; |
| 2711 | } | 2711 | } |
| 2712 | 2712 | ||
| 2713 | static int ipmr_valid_dumplink(const struct nlmsghdr *nlh, | ||
| 2714 | struct netlink_ext_ack *extack) | ||
| 2715 | { | ||
| 2716 | struct ifinfomsg *ifm; | ||
| 2717 | |||
| 2718 | if (nlh->nlmsg_len < nlmsg_msg_size(sizeof(*ifm))) { | ||
| 2719 | NL_SET_ERR_MSG(extack, "ipv4: Invalid header for ipmr link dump"); | ||
| 2720 | return -EINVAL; | ||
| 2721 | } | ||
| 2722 | |||
| 2723 | if (nlmsg_attrlen(nlh, sizeof(*ifm))) { | ||
| 2724 | NL_SET_ERR_MSG(extack, "Invalid data after header in ipmr link dump"); | ||
| 2725 | return -EINVAL; | ||
| 2726 | } | ||
| 2727 | |||
| 2728 | ifm = nlmsg_data(nlh); | ||
| 2729 | if (ifm->__ifi_pad || ifm->ifi_type || ifm->ifi_flags || | ||
| 2730 | ifm->ifi_change || ifm->ifi_index) { | ||
| 2731 | NL_SET_ERR_MSG(extack, "Invalid values in header for ipmr link dump request"); | ||
| 2732 | return -EINVAL; | ||
| 2733 | } | ||
| 2734 | |||
| 2735 | return 0; | ||
| 2736 | } | ||
| 2737 | |||
| 2713 | static int ipmr_rtm_dumplink(struct sk_buff *skb, struct netlink_callback *cb) | 2738 | static int ipmr_rtm_dumplink(struct sk_buff *skb, struct netlink_callback *cb) |
| 2714 | { | 2739 | { |
| 2715 | struct net *net = sock_net(skb->sk); | 2740 | struct net *net = sock_net(skb->sk); |
| @@ -2718,6 +2743,13 @@ static int ipmr_rtm_dumplink(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 2718 | unsigned int e = 0, s_e; | 2743 | unsigned int e = 0, s_e; |
| 2719 | struct mr_table *mrt; | 2744 | struct mr_table *mrt; |
| 2720 | 2745 | ||
| 2746 | if (cb->strict_check) { | ||
| 2747 | int err = ipmr_valid_dumplink(cb->nlh, cb->extack); | ||
| 2748 | |||
| 2749 | if (err < 0) | ||
| 2750 | return err; | ||
| 2751 | } | ||
| 2752 | |||
| 2721 | s_t = cb->args[0]; | 2753 | s_t = cb->args[0]; |
| 2722 | s_e = cb->args[1]; | 2754 | s_e = cb->args[1]; |
| 2723 | 2755 | ||