diff options
author | David S. Miller <davem@davemloft.net> | 2012-03-29 23:27:38 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-04-01 18:43:44 -0400 |
commit | a447189e073bf603e335f20f924b71d385d6b2ef (patch) | |
tree | 09e8f85a2044f5571dfa133935b93e95f645cb67 | |
parent | 444653f696d60217e145b050fb82967eaf34eb3f (diff) |
nfnetlink_queue: Stop using NLA_PUT*().
These macros contain a hidden goto, and are thus extremely error
prone and make code hard to audit.
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/netfilter/nfnetlink_queue.c | 59 |
1 files changed, 35 insertions, 24 deletions
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index a80b0cb03f17..8d6bcf32c0ed 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c | |||
@@ -288,58 +288,67 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, | |||
288 | indev = entry->indev; | 288 | indev = entry->indev; |
289 | if (indev) { | 289 | if (indev) { |
290 | #ifndef CONFIG_BRIDGE_NETFILTER | 290 | #ifndef CONFIG_BRIDGE_NETFILTER |
291 | NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, htonl(indev->ifindex)); | 291 | if (nla_put_be32(skb, NFQA_IFINDEX_INDEV, htonl(indev->ifindex))) |
292 | goto nla_put_failure; | ||
292 | #else | 293 | #else |
293 | if (entry->pf == PF_BRIDGE) { | 294 | if (entry->pf == PF_BRIDGE) { |
294 | /* Case 1: indev is physical input device, we need to | 295 | /* Case 1: indev is physical input device, we need to |
295 | * look for bridge group (when called from | 296 | * look for bridge group (when called from |
296 | * netfilter_bridge) */ | 297 | * netfilter_bridge) */ |
297 | NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSINDEV, | 298 | if (nla_put_be32(skb, NFQA_IFINDEX_PHYSINDEV, |
298 | htonl(indev->ifindex)); | 299 | htonl(indev->ifindex)) || |
299 | /* this is the bridge group "brX" */ | 300 | /* this is the bridge group "brX" */ |
300 | /* rcu_read_lock()ed by __nf_queue */ | 301 | /* rcu_read_lock()ed by __nf_queue */ |
301 | NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, | 302 | nla_put_be32(skb, NFQA_IFINDEX_INDEV, |
302 | htonl(br_port_get_rcu(indev)->br->dev->ifindex)); | 303 | htonl(br_port_get_rcu(indev)->br->dev->ifindex))) |
304 | goto nla_put_failure; | ||
303 | } else { | 305 | } else { |
304 | /* Case 2: indev is bridge group, we need to look for | 306 | /* Case 2: indev is bridge group, we need to look for |
305 | * physical device (when called from ipv4) */ | 307 | * physical device (when called from ipv4) */ |
306 | NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, | 308 | if (nla_put_be32(skb, NFQA_IFINDEX_INDEV, |
307 | htonl(indev->ifindex)); | 309 | htonl(indev->ifindex))) |
308 | if (entskb->nf_bridge && entskb->nf_bridge->physindev) | 310 | goto nla_put_failure; |
309 | NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSINDEV, | 311 | if (entskb->nf_bridge && entskb->nf_bridge->physindev && |
310 | htonl(entskb->nf_bridge->physindev->ifindex)); | 312 | nla_put_be32(skb, NFQA_IFINDEX_PHYSINDEV, |
313 | htonl(entskb->nf_bridge->physindev->ifindex))) | ||
314 | goto nla_put_failure; | ||
311 | } | 315 | } |
312 | #endif | 316 | #endif |
313 | } | 317 | } |
314 | 318 | ||
315 | if (outdev) { | 319 | if (outdev) { |
316 | #ifndef CONFIG_BRIDGE_NETFILTER | 320 | #ifndef CONFIG_BRIDGE_NETFILTER |
317 | NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, htonl(outdev->ifindex)); | 321 | if (nla_put_be32(skb, NFQA_IFINDEX_OUTDEV, htonl(outdev->ifindex))) |
322 | goto nla_put_failure; | ||
318 | #else | 323 | #else |
319 | if (entry->pf == PF_BRIDGE) { | 324 | if (entry->pf == PF_BRIDGE) { |
320 | /* Case 1: outdev is physical output device, we need to | 325 | /* Case 1: outdev is physical output device, we need to |
321 | * look for bridge group (when called from | 326 | * look for bridge group (when called from |
322 | * netfilter_bridge) */ | 327 | * netfilter_bridge) */ |
323 | NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSOUTDEV, | 328 | if (nla_put_be32(skb, NFQA_IFINDEX_PHYSOUTDEV, |
324 | htonl(outdev->ifindex)); | 329 | htonl(outdev->ifindex)) || |
325 | /* this is the bridge group "brX" */ | 330 | /* this is the bridge group "brX" */ |
326 | /* rcu_read_lock()ed by __nf_queue */ | 331 | /* rcu_read_lock()ed by __nf_queue */ |
327 | NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, | 332 | nla_put_be32(skb, NFQA_IFINDEX_OUTDEV, |
328 | htonl(br_port_get_rcu(outdev)->br->dev->ifindex)); | 333 | htonl(br_port_get_rcu(outdev)->br->dev->ifindex))) |
334 | goto nla_put_failure; | ||
329 | } else { | 335 | } else { |
330 | /* Case 2: outdev is bridge group, we need to look for | 336 | /* Case 2: outdev is bridge group, we need to look for |
331 | * physical output device (when called from ipv4) */ | 337 | * physical output device (when called from ipv4) */ |
332 | NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, | 338 | if (nla_put_be32(skb, NFQA_IFINDEX_OUTDEV, |
333 | htonl(outdev->ifindex)); | 339 | htonl(outdev->ifindex))) |
334 | if (entskb->nf_bridge && entskb->nf_bridge->physoutdev) | 340 | goto nla_put_failure; |
335 | NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSOUTDEV, | 341 | if (entskb->nf_bridge && entskb->nf_bridge->physoutdev && |
336 | htonl(entskb->nf_bridge->physoutdev->ifindex)); | 342 | nla_put_be32(skb, NFQA_IFINDEX_PHYSOUTDEV, |
343 | htonl(entskb->nf_bridge->physoutdev->ifindex))) | ||
344 | goto nla_put_failure; | ||
337 | } | 345 | } |
338 | #endif | 346 | #endif |
339 | } | 347 | } |
340 | 348 | ||
341 | if (entskb->mark) | 349 | if (entskb->mark && |
342 | NLA_PUT_BE32(skb, NFQA_MARK, htonl(entskb->mark)); | 350 | nla_put_be32(skb, NFQA_MARK, htonl(entskb->mark))) |
351 | goto nla_put_failure; | ||
343 | 352 | ||
344 | if (indev && entskb->dev && | 353 | if (indev && entskb->dev && |
345 | entskb->mac_header != entskb->network_header) { | 354 | entskb->mac_header != entskb->network_header) { |
@@ -347,7 +356,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, | |||
347 | int len = dev_parse_header(entskb, phw.hw_addr); | 356 | int len = dev_parse_header(entskb, phw.hw_addr); |
348 | if (len) { | 357 | if (len) { |
349 | phw.hw_addrlen = htons(len); | 358 | phw.hw_addrlen = htons(len); |
350 | NLA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw); | 359 | if (nla_put(skb, NFQA_HWADDR, sizeof(phw), &phw)) |
360 | goto nla_put_failure; | ||
351 | } | 361 | } |
352 | } | 362 | } |
353 | 363 | ||
@@ -357,7 +367,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue, | |||
357 | ts.sec = cpu_to_be64(tv.tv_sec); | 367 | ts.sec = cpu_to_be64(tv.tv_sec); |
358 | ts.usec = cpu_to_be64(tv.tv_usec); | 368 | ts.usec = cpu_to_be64(tv.tv_usec); |
359 | 369 | ||
360 | NLA_PUT(skb, NFQA_TIMESTAMP, sizeof(ts), &ts); | 370 | if (nla_put(skb, NFQA_TIMESTAMP, sizeof(ts), &ts)) |
371 | goto nla_put_failure; | ||
361 | } | 372 | } |
362 | 373 | ||
363 | if (data_len) { | 374 | if (data_len) { |