aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2012-03-29 23:27:38 -0400
committerDavid S. Miller <davem@davemloft.net>2012-04-01 18:43:44 -0400
commita447189e073bf603e335f20f924b71d385d6b2ef (patch)
tree09e8f85a2044f5571dfa133935b93e95f645cb67
parent444653f696d60217e145b050fb82967eaf34eb3f (diff)
nfnetlink_queue: Stop using NLA_PUT*().
These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/netfilter/nfnetlink_queue.c59
1 files changed, 35 insertions, 24 deletions
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index a80b0cb03f17..8d6bcf32c0ed 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -288,58 +288,67 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
288 indev = entry->indev; 288 indev = entry->indev;
289 if (indev) { 289 if (indev) {
290#ifndef CONFIG_BRIDGE_NETFILTER 290#ifndef CONFIG_BRIDGE_NETFILTER
291 NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, htonl(indev->ifindex)); 291 if (nla_put_be32(skb, NFQA_IFINDEX_INDEV, htonl(indev->ifindex)))
292 goto nla_put_failure;
292#else 293#else
293 if (entry->pf == PF_BRIDGE) { 294 if (entry->pf == PF_BRIDGE) {
294 /* Case 1: indev is physical input device, we need to 295 /* Case 1: indev is physical input device, we need to
295 * look for bridge group (when called from 296 * look for bridge group (when called from
296 * netfilter_bridge) */ 297 * netfilter_bridge) */
297 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSINDEV, 298 if (nla_put_be32(skb, NFQA_IFINDEX_PHYSINDEV,
298 htonl(indev->ifindex)); 299 htonl(indev->ifindex)) ||
299 /* this is the bridge group "brX" */ 300 /* this is the bridge group "brX" */
300 /* rcu_read_lock()ed by __nf_queue */ 301 /* rcu_read_lock()ed by __nf_queue */
301 NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, 302 nla_put_be32(skb, NFQA_IFINDEX_INDEV,
302 htonl(br_port_get_rcu(indev)->br->dev->ifindex)); 303 htonl(br_port_get_rcu(indev)->br->dev->ifindex)))
304 goto nla_put_failure;
303 } else { 305 } else {
304 /* Case 2: indev is bridge group, we need to look for 306 /* Case 2: indev is bridge group, we need to look for
305 * physical device (when called from ipv4) */ 307 * physical device (when called from ipv4) */
306 NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, 308 if (nla_put_be32(skb, NFQA_IFINDEX_INDEV,
307 htonl(indev->ifindex)); 309 htonl(indev->ifindex)))
308 if (entskb->nf_bridge && entskb->nf_bridge->physindev) 310 goto nla_put_failure;
309 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSINDEV, 311 if (entskb->nf_bridge && entskb->nf_bridge->physindev &&
310 htonl(entskb->nf_bridge->physindev->ifindex)); 312 nla_put_be32(skb, NFQA_IFINDEX_PHYSINDEV,
313 htonl(entskb->nf_bridge->physindev->ifindex)))
314 goto nla_put_failure;
311 } 315 }
312#endif 316#endif
313 } 317 }
314 318
315 if (outdev) { 319 if (outdev) {
316#ifndef CONFIG_BRIDGE_NETFILTER 320#ifndef CONFIG_BRIDGE_NETFILTER
317 NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, htonl(outdev->ifindex)); 321 if (nla_put_be32(skb, NFQA_IFINDEX_OUTDEV, htonl(outdev->ifindex)))
322 goto nla_put_failure;
318#else 323#else
319 if (entry->pf == PF_BRIDGE) { 324 if (entry->pf == PF_BRIDGE) {
320 /* Case 1: outdev is physical output device, we need to 325 /* Case 1: outdev is physical output device, we need to
321 * look for bridge group (when called from 326 * look for bridge group (when called from
322 * netfilter_bridge) */ 327 * netfilter_bridge) */
323 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSOUTDEV, 328 if (nla_put_be32(skb, NFQA_IFINDEX_PHYSOUTDEV,
324 htonl(outdev->ifindex)); 329 htonl(outdev->ifindex)) ||
325 /* this is the bridge group "brX" */ 330 /* this is the bridge group "brX" */
326 /* rcu_read_lock()ed by __nf_queue */ 331 /* rcu_read_lock()ed by __nf_queue */
327 NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, 332 nla_put_be32(skb, NFQA_IFINDEX_OUTDEV,
328 htonl(br_port_get_rcu(outdev)->br->dev->ifindex)); 333 htonl(br_port_get_rcu(outdev)->br->dev->ifindex)))
334 goto nla_put_failure;
329 } else { 335 } else {
330 /* Case 2: outdev is bridge group, we need to look for 336 /* Case 2: outdev is bridge group, we need to look for
331 * physical output device (when called from ipv4) */ 337 * physical output device (when called from ipv4) */
332 NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, 338 if (nla_put_be32(skb, NFQA_IFINDEX_OUTDEV,
333 htonl(outdev->ifindex)); 339 htonl(outdev->ifindex)))
334 if (entskb->nf_bridge && entskb->nf_bridge->physoutdev) 340 goto nla_put_failure;
335 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSOUTDEV, 341 if (entskb->nf_bridge && entskb->nf_bridge->physoutdev &&
336 htonl(entskb->nf_bridge->physoutdev->ifindex)); 342 nla_put_be32(skb, NFQA_IFINDEX_PHYSOUTDEV,
343 htonl(entskb->nf_bridge->physoutdev->ifindex)))
344 goto nla_put_failure;
337 } 345 }
338#endif 346#endif
339 } 347 }
340 348
341 if (entskb->mark) 349 if (entskb->mark &&
342 NLA_PUT_BE32(skb, NFQA_MARK, htonl(entskb->mark)); 350 nla_put_be32(skb, NFQA_MARK, htonl(entskb->mark)))
351 goto nla_put_failure;
343 352
344 if (indev && entskb->dev && 353 if (indev && entskb->dev &&
345 entskb->mac_header != entskb->network_header) { 354 entskb->mac_header != entskb->network_header) {
@@ -347,7 +356,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
347 int len = dev_parse_header(entskb, phw.hw_addr); 356 int len = dev_parse_header(entskb, phw.hw_addr);
348 if (len) { 357 if (len) {
349 phw.hw_addrlen = htons(len); 358 phw.hw_addrlen = htons(len);
350 NLA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw); 359 if (nla_put(skb, NFQA_HWADDR, sizeof(phw), &phw))
360 goto nla_put_failure;
351 } 361 }
352 } 362 }
353 363
@@ -357,7 +367,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
357 ts.sec = cpu_to_be64(tv.tv_sec); 367 ts.sec = cpu_to_be64(tv.tv_sec);
358 ts.usec = cpu_to_be64(tv.tv_usec); 368 ts.usec = cpu_to_be64(tv.tv_usec);
359 369
360 NLA_PUT(skb, NFQA_TIMESTAMP, sizeof(ts), &ts); 370 if (nla_put(skb, NFQA_TIMESTAMP, sizeof(ts), &ts))
371 goto nla_put_failure;
361 } 372 }
362 373
363 if (data_len) { 374 if (data_len) {