aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2012-04-01 20:27:33 -0400
committerDavid S. Miller <davem@davemloft.net>2012-04-02 04:33:43 -0400
commitc78679e8f31b86c7a46e77a3096011f911854187 (patch)
tree511b7a8e07c89a6ca7936c1ed3cb26300d8fe6a5
parent86ebb02dc793058ea17ad647c802b507dafff7cb (diff)
ipv6: Stop using NLA_PUT*().
These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv6/addrconf.c32
-rw-r--r--net/ipv6/fib6_rules.c15
-rw-r--r--net/ipv6/ip6mr.c9
-rw-r--r--net/ipv6/ndisc.c5
-rw-r--r--net/ipv6/route.c38
5 files changed, 53 insertions, 46 deletions
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 6a3bb6077e19..153060f946e0 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -3989,14 +3989,14 @@ static int inet6_fill_ifla6_attrs(struct sk_buff *skb, struct inet6_dev *idev)
3989 struct nlattr *nla; 3989 struct nlattr *nla;
3990 struct ifla_cacheinfo ci; 3990 struct ifla_cacheinfo ci;
3991 3991
3992 NLA_PUT_U32(skb, IFLA_INET6_FLAGS, idev->if_flags); 3992 if (nla_put_u32(skb, IFLA_INET6_FLAGS, idev->if_flags))
3993 3993 goto nla_put_failure;
3994 ci.max_reasm_len = IPV6_MAXPLEN; 3994 ci.max_reasm_len = IPV6_MAXPLEN;
3995 ci.tstamp = cstamp_delta(idev->tstamp); 3995 ci.tstamp = cstamp_delta(idev->tstamp);
3996 ci.reachable_time = jiffies_to_msecs(idev->nd_parms->reachable_time); 3996 ci.reachable_time = jiffies_to_msecs(idev->nd_parms->reachable_time);
3997 ci.retrans_time = jiffies_to_msecs(idev->nd_parms->retrans_time); 3997 ci.retrans_time = jiffies_to_msecs(idev->nd_parms->retrans_time);
3998 NLA_PUT(skb, IFLA_INET6_CACHEINFO, sizeof(ci), &ci); 3998 if (nla_put(skb, IFLA_INET6_CACHEINFO, sizeof(ci), &ci))
3999 3999 goto nla_put_failure;
4000 nla = nla_reserve(skb, IFLA_INET6_CONF, DEVCONF_MAX * sizeof(s32)); 4000 nla = nla_reserve(skb, IFLA_INET6_CONF, DEVCONF_MAX * sizeof(s32));
4001 if (nla == NULL) 4001 if (nla == NULL)
4002 goto nla_put_failure; 4002 goto nla_put_failure;
@@ -4061,15 +4061,13 @@ static int inet6_fill_ifinfo(struct sk_buff *skb, struct inet6_dev *idev,
4061 hdr->ifi_flags = dev_get_flags(dev); 4061 hdr->ifi_flags = dev_get_flags(dev);
4062 hdr->ifi_change = 0; 4062 hdr->ifi_change = 0;
4063 4063
4064 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name); 4064 if (nla_put_string(skb, IFLA_IFNAME, dev->name) ||
4065 4065 (dev->addr_len &&
4066 if (dev->addr_len) 4066 nla_put(skb, IFLA_ADDRESS, dev->addr_len, dev->dev_addr)) ||
4067 NLA_PUT(skb, IFLA_ADDRESS, dev->addr_len, dev->dev_addr); 4067 nla_put_u32(skb, IFLA_MTU, dev->mtu) ||
4068 4068 (dev->ifindex != dev->iflink &&
4069 NLA_PUT_U32(skb, IFLA_MTU, dev->mtu); 4069 nla_put_u32(skb, IFLA_LINK, dev->iflink)))
4070 if (dev->ifindex != dev->iflink) 4070 goto nla_put_failure;
4071 NLA_PUT_U32(skb, IFLA_LINK, dev->iflink);
4072
4073 protoinfo = nla_nest_start(skb, IFLA_PROTINFO); 4071 protoinfo = nla_nest_start(skb, IFLA_PROTINFO);
4074 if (protoinfo == NULL) 4072 if (protoinfo == NULL)
4075 goto nla_put_failure; 4073 goto nla_put_failure;
@@ -4182,12 +4180,12 @@ static int inet6_fill_prefix(struct sk_buff *skb, struct inet6_dev *idev,
4182 if (pinfo->autoconf) 4180 if (pinfo->autoconf)
4183 pmsg->prefix_flags |= IF_PREFIX_AUTOCONF; 4181 pmsg->prefix_flags |= IF_PREFIX_AUTOCONF;
4184 4182
4185 NLA_PUT(skb, PREFIX_ADDRESS, sizeof(pinfo->prefix), &pinfo->prefix); 4183 if (nla_put(skb, PREFIX_ADDRESS, sizeof(pinfo->prefix), &pinfo->prefix))
4186 4184 goto nla_put_failure;
4187 ci.preferred_time = ntohl(pinfo->prefered); 4185 ci.preferred_time = ntohl(pinfo->prefered);
4188 ci.valid_time = ntohl(pinfo->valid); 4186 ci.valid_time = ntohl(pinfo->valid);
4189 NLA_PUT(skb, PREFIX_CACHEINFO, sizeof(ci), &ci); 4187 if (nla_put(skb, PREFIX_CACHEINFO, sizeof(ci), &ci))
4190 4188 goto nla_put_failure;
4191 return nlmsg_end(skb, nlh); 4189 return nlmsg_end(skb, nlh);
4192 4190
4193nla_put_failure: 4191nla_put_failure:
diff --git a/net/ipv6/fib6_rules.c b/net/ipv6/fib6_rules.c
index b6c573152067..01a2de1f5e87 100644
--- a/net/ipv6/fib6_rules.c
+++ b/net/ipv6/fib6_rules.c
@@ -215,14 +215,13 @@ static int fib6_rule_fill(struct fib_rule *rule, struct sk_buff *skb,
215 frh->src_len = rule6->src.plen; 215 frh->src_len = rule6->src.plen;
216 frh->tos = rule6->tclass; 216 frh->tos = rule6->tclass;
217 217
218 if (rule6->dst.plen) 218 if ((rule6->dst.plen &&
219 NLA_PUT(skb, FRA_DST, sizeof(struct in6_addr), 219 nla_put(skb, FRA_DST, sizeof(struct in6_addr),
220 &rule6->dst.addr); 220 &rule6->dst.addr)) ||
221 221 (rule6->src.plen &&
222 if (rule6->src.plen) 222 nla_put(skb, FRA_SRC, sizeof(struct in6_addr),
223 NLA_PUT(skb, FRA_SRC, sizeof(struct in6_addr), 223 &rule6->src.addr)))
224 &rule6->src.addr); 224 goto nla_put_failure;
225
226 return 0; 225 return 0;
227 226
228nla_put_failure: 227nla_put_failure:
diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index 5aa3981a3922..ff6ddf93f269 100644
--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -2216,14 +2216,15 @@ static int ip6mr_fill_mroute(struct mr6_table *mrt, struct sk_buff *skb,
2216 rtm->rtm_src_len = 128; 2216 rtm->rtm_src_len = 128;
2217 rtm->rtm_tos = 0; 2217 rtm->rtm_tos = 0;
2218 rtm->rtm_table = mrt->id; 2218 rtm->rtm_table = mrt->id;
2219 NLA_PUT_U32(skb, RTA_TABLE, mrt->id); 2219 if (nla_put_u32(skb, RTA_TABLE, mrt->id))
2220 goto nla_put_failure;
2220 rtm->rtm_scope = RT_SCOPE_UNIVERSE; 2221 rtm->rtm_scope = RT_SCOPE_UNIVERSE;
2221 rtm->rtm_protocol = RTPROT_UNSPEC; 2222 rtm->rtm_protocol = RTPROT_UNSPEC;
2222 rtm->rtm_flags = 0; 2223 rtm->rtm_flags = 0;
2223 2224
2224 NLA_PUT(skb, RTA_SRC, 16, &c->mf6c_origin); 2225 if (nla_put(skb, RTA_SRC, 16, &c->mf6c_origin) ||
2225 NLA_PUT(skb, RTA_DST, 16, &c->mf6c_mcastgrp); 2226 nla_put(skb, RTA_DST, 16, &c->mf6c_mcastgrp))
2226 2227 goto nla_put_failure;
2227 if (__ip6mr_fill_mroute(mrt, skb, c, rtm) < 0) 2228 if (__ip6mr_fill_mroute(mrt, skb, c, rtm) < 0)
2228 goto nla_put_failure; 2229 goto nla_put_failure;
2229 2230
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
index 3dcdb81ec3e8..1d6fb0c94da1 100644
--- a/net/ipv6/ndisc.c
+++ b/net/ipv6/ndisc.c
@@ -1099,8 +1099,9 @@ static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1099 1099
1100 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3); 1100 memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1101 1101
1102 NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr), 1102 if (nla_put(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1103 &ipv6_hdr(ra)->saddr); 1103 &ipv6_hdr(ra)->saddr))
1104 goto nla_put_failure;
1104 nlmsg_end(skb, nlh); 1105 nlmsg_end(skb, nlh);
1105 1106
1106 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC); 1107 rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index 3992e26a6039..4d70c06f0436 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -2413,7 +2413,8 @@ static int rt6_fill_node(struct net *net,
2413 else 2413 else
2414 table = RT6_TABLE_UNSPEC; 2414 table = RT6_TABLE_UNSPEC;
2415 rtm->rtm_table = table; 2415 rtm->rtm_table = table;
2416 NLA_PUT_U32(skb, RTA_TABLE, table); 2416 if (nla_put_u32(skb, RTA_TABLE, table))
2417 goto nla_put_failure;
2417 if (rt->rt6i_flags & RTF_REJECT) 2418 if (rt->rt6i_flags & RTF_REJECT)
2418 rtm->rtm_type = RTN_UNREACHABLE; 2419 rtm->rtm_type = RTN_UNREACHABLE;
2419 else if (rt->rt6i_flags & RTF_LOCAL) 2420 else if (rt->rt6i_flags & RTF_LOCAL)
@@ -2436,16 +2437,20 @@ static int rt6_fill_node(struct net *net,
2436 rtm->rtm_flags |= RTM_F_CLONED; 2437 rtm->rtm_flags |= RTM_F_CLONED;
2437 2438
2438 if (dst) { 2439 if (dst) {
2439 NLA_PUT(skb, RTA_DST, 16, dst); 2440 if (nla_put(skb, RTA_DST, 16, dst))
2441 goto nla_put_failure;
2440 rtm->rtm_dst_len = 128; 2442 rtm->rtm_dst_len = 128;
2441 } else if (rtm->rtm_dst_len) 2443 } else if (rtm->rtm_dst_len)
2442 NLA_PUT(skb, RTA_DST, 16, &rt->rt6i_dst.addr); 2444 if (nla_put(skb, RTA_DST, 16, &rt->rt6i_dst.addr))
2445 goto nla_put_failure;
2443#ifdef CONFIG_IPV6_SUBTREES 2446#ifdef CONFIG_IPV6_SUBTREES
2444 if (src) { 2447 if (src) {
2445 NLA_PUT(skb, RTA_SRC, 16, src); 2448 if (nla_put(skb, RTA_SRC, 16, src))
2449 goto nla_put_failure;
2446 rtm->rtm_src_len = 128; 2450 rtm->rtm_src_len = 128;
2447 } else if (rtm->rtm_src_len) 2451 } else if (rtm->rtm_src_len &&
2448 NLA_PUT(skb, RTA_SRC, 16, &rt->rt6i_src.addr); 2452 nla_put(skb, RTA_SRC, 16, &rt->rt6i_src.addr))
2453 goto nla_put_failure;
2449#endif 2454#endif
2450 if (iif) { 2455 if (iif) {
2451#ifdef CONFIG_IPV6_MROUTE 2456#ifdef CONFIG_IPV6_MROUTE
@@ -2463,17 +2468,20 @@ static int rt6_fill_node(struct net *net,
2463 } 2468 }
2464 } else 2469 } else
2465#endif 2470#endif
2466 NLA_PUT_U32(skb, RTA_IIF, iif); 2471 if (nla_put_u32(skb, RTA_IIF, iif))
2472 goto nla_put_failure;
2467 } else if (dst) { 2473 } else if (dst) {
2468 struct in6_addr saddr_buf; 2474 struct in6_addr saddr_buf;
2469 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0) 2475 if (ip6_route_get_saddr(net, rt, dst, 0, &saddr_buf) == 0 &&
2470 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf); 2476 nla_put(skb, RTA_PREFSRC, 16, &saddr_buf))
2477 goto nla_put_failure;
2471 } 2478 }
2472 2479
2473 if (rt->rt6i_prefsrc.plen) { 2480 if (rt->rt6i_prefsrc.plen) {
2474 struct in6_addr saddr_buf; 2481 struct in6_addr saddr_buf;
2475 saddr_buf = rt->rt6i_prefsrc.addr; 2482 saddr_buf = rt->rt6i_prefsrc.addr;
2476 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf); 2483 if (nla_put(skb, RTA_PREFSRC, 16, &saddr_buf))
2484 goto nla_put_failure;
2477 } 2485 }
2478 2486
2479 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0) 2487 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
@@ -2489,11 +2497,11 @@ static int rt6_fill_node(struct net *net,
2489 } 2497 }
2490 rcu_read_unlock(); 2498 rcu_read_unlock();
2491 2499
2492 if (rt->dst.dev) 2500 if (rt->dst.dev &&
2493 NLA_PUT_U32(skb, RTA_OIF, rt->dst.dev->ifindex); 2501 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2494 2502 goto nla_put_failure;
2495 NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric); 2503 if (nla_put_u32(skb, RTA_PRIORITY, rt->rt6i_metric))
2496 2504 goto nla_put_failure;
2497 if (!(rt->rt6i_flags & RTF_EXPIRES)) 2505 if (!(rt->rt6i_flags & RTF_EXPIRES))
2498 expires = 0; 2506 expires = 0;
2499 else if (rt->dst.expires - jiffies < INT_MAX) 2507 else if (rt->dst.expires - jiffies < INT_MAX)