aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm/xfrm_user.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/xfrm/xfrm_user.c')
-rw-r--r--net/xfrm/xfrm_user.c15
1 files changed, 15 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 4791aa8b8185..df7ca2dabc48 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -151,10 +151,16 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
151 err = -EINVAL; 151 err = -EINVAL;
152 switch (p->family) { 152 switch (p->family) {
153 case AF_INET: 153 case AF_INET:
154 if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32)
155 goto out;
156
154 break; 157 break;
155 158
156 case AF_INET6: 159 case AF_INET6:
157#if IS_ENABLED(CONFIG_IPV6) 160#if IS_ENABLED(CONFIG_IPV6)
161 if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128)
162 goto out;
163
158 break; 164 break;
159#else 165#else
160 err = -EAFNOSUPPORT; 166 err = -EAFNOSUPPORT;
@@ -1396,10 +1402,16 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p)
1396 1402
1397 switch (p->sel.family) { 1403 switch (p->sel.family) {
1398 case AF_INET: 1404 case AF_INET:
1405 if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32)
1406 return -EINVAL;
1407
1399 break; 1408 break;
1400 1409
1401 case AF_INET6: 1410 case AF_INET6:
1402#if IS_ENABLED(CONFIG_IPV6) 1411#if IS_ENABLED(CONFIG_IPV6)
1412 if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128)
1413 return -EINVAL;
1414
1403 break; 1415 break;
1404#else 1416#else
1405 return -EAFNOSUPPORT; 1417 return -EAFNOSUPPORT;
@@ -1480,6 +1492,9 @@ static int validate_tmpl(int nr, struct xfrm_user_tmpl *ut, u16 family)
1480 (ut[i].family != prev_family)) 1492 (ut[i].family != prev_family))
1481 return -EINVAL; 1493 return -EINVAL;
1482 1494
1495 if (ut[i].mode >= XFRM_MODE_MAX)
1496 return -EINVAL;
1497
1483 prev_family = ut[i].family; 1498 prev_family = ut[i].family;
1484 1499
1485 switch (ut[i].family) { 1500 switch (ut[i].family) {
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-21 04:46:33 -0400