fib_rules: Stop using NLA_PUT*().

These macros contain a hidden goto, and are thus extremely error prone and make code hard to audit. Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2012-04-01 20:47:01 -0400
committer: David S. Miller <davem@davemloft.net> 2012-04-02 04:33:44 -0400
commit: 0e3cea7b3cdb2344919e96b3af33de64736ae3a3 (patch)
tree: d1ab0f9e682be82389d801c1f69702ff66cab0b3 /net/core/fib_rules.c
parent: be51da0f3e346eb520c4ffdaecb8ba6fb4337a76 (diff)
1 files changed, 15 insertions, 17 deletions
diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c
index c02e63c908da..72cceb79d0d4 100644
--- a/net/core/fib_rules.c
+++ b/net/core/fib_rules.c
@@ -542,7 +542,8 @@ static int fib_nl_fill_rule(struct sk_buff *skb, struct fib_rule *rule,
        frh = nlmsg_data(nlh);
        frh->family = ops->family;
        frh->table = rule->table;
-        NLA_PUT_U32(skb, FRA_TABLE, rule->table);
+        if (nla_put_u32(skb, FRA_TABLE, rule->table))
+                goto nla_put_failure;
        frh->res1 = 0;
        frh->res2 = 0;
        frh->action = rule->action;
@@ -553,31 +554,28 @@ static int fib_nl_fill_rule(struct sk_buff *skb, struct fib_rule *rule,
                frh->flags |= FIB_RULE_UNRESOLVED;
        if (rule->iifname[0]) {
-                NLA_PUT_STRING(skb, FRA_IIFNAME, rule->iifname);
+                if (nla_put_string(skb, FRA_IIFNAME, rule->iifname))
+                        goto nla_put_failure;
                if (rule->iifindex == -1)
                        frh->flags |= FIB_RULE_IIF_DETACHED;
        }
        if (rule->oifname[0]) {
-                NLA_PUT_STRING(skb, FRA_OIFNAME, rule->oifname);
+                if (nla_put_string(skb, FRA_OIFNAME, rule->oifname))
+                        goto nla_put_failure;
                if (rule->oifindex == -1)
                        frh->flags |= FIB_RULE_OIF_DETACHED;
        }
-        if (rule->pref)
+        if ((rule->pref &&
-                NLA_PUT_U32(skb, FRA_PRIORITY, rule->pref);
+             nla_put_u32(skb, FRA_PRIORITY, rule->pref)) ||
+            (rule->mark &&
-        if (rule->mark)
+             nla_put_u32(skb, FRA_FWMARK, rule->mark)) ||
-                NLA_PUT_U32(skb, FRA_FWMARK, rule->mark);
+            ((rule->mark_mask || rule->mark) &&
+             nla_put_u32(skb, FRA_FWMASK, rule->mark_mask)) ||
-        if (rule->mark_mask || rule->mark)
+            (rule->target &&
-                NLA_PUT_U32(skb, FRA_FWMASK, rule->mark_mask);
+             nla_put_u32(skb, FRA_GOTO, rule->target)))
+                goto nla_put_failure;
-        if (rule->target)
-                NLA_PUT_U32(skb, FRA_GOTO, rule->target);
        if (ops->fill(rule, skb, frh) < 0)
                goto nla_put_failure;
author	David S. Miller <davem@davemloft.net>	2012-04-01 20:47:01 -0400
committer	David S. Miller <davem@davemloft.net>	2012-04-02 04:33:44 -0400
commit	0e3cea7b3cdb2344919e96b3af33de64736ae3a3 (patch)
tree	d1ab0f9e682be82389d801c1f69702ff66cab0b3 /net/core/fib_rules.c
parent	be51da0f3e346eb520c4ffdaecb8ba6fb4337a76 (diff)

diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c index c02e63c908da..72cceb79d0d4 100644 --- a/net/core/fib_rules.c +++ b/net/core/fib_rules.c
@@ -542,7 +542,8 @@ static int fib_nl_fill_rule(struct sk_buff skb, struct fib_rule rule,
542	frh = nlmsg_data(nlh);	542	frh = nlmsg_data(nlh);
543	frh->family = ops->family;	543	frh->family = ops->family;
544	frh->table = rule->table;	544	frh->table = rule->table;
545	NLA_PUT_U32(skb, FRA_TABLE, rule->table);	545	if (nla_put_u32(skb, FRA_TABLE, rule->table))
		546	goto nla_put_failure;
546	frh->res1 = 0;	547	frh->res1 = 0;
547	frh->res2 = 0;	548	frh->res2 = 0;
548	frh->action = rule->action;	549	frh->action = rule->action;
@@ -553,31 +554,28 @@ static int fib_nl_fill_rule(struct sk_buff skb, struct fib_rule rule,
553	frh->flags \|= FIB_RULE_UNRESOLVED;	554	frh->flags \|= FIB_RULE_UNRESOLVED;
554		555
555	if (rule->iifname[0]) {	556	if (rule->iifname[0]) {
556	NLA_PUT_STRING(skb, FRA_IIFNAME, rule->iifname);	557	if (nla_put_string(skb, FRA_IIFNAME, rule->iifname))
557		558	goto nla_put_failure;
558	if (rule->iifindex == -1)	559	if (rule->iifindex == -1)
559	frh->flags \|= FIB_RULE_IIF_DETACHED;	560	frh->flags \|= FIB_RULE_IIF_DETACHED;
560	}	561	}
561		562
562	if (rule->oifname[0]) {	563	if (rule->oifname[0]) {
563	NLA_PUT_STRING(skb, FRA_OIFNAME, rule->oifname);	564	if (nla_put_string(skb, FRA_OIFNAME, rule->oifname))
564		565	goto nla_put_failure;
565	if (rule->oifindex == -1)	566	if (rule->oifindex == -1)
566	frh->flags \|= FIB_RULE_OIF_DETACHED;	567	frh->flags \|= FIB_RULE_OIF_DETACHED;
567	}	568	}
568		569
569	if (rule->pref)	570	if ((rule->pref &&
570	NLA_PUT_U32(skb, FRA_PRIORITY, rule->pref);	571	nla_put_u32(skb, FRA_PRIORITY, rule->pref)) \|\|
571		572	(rule->mark &&
572	if (rule->mark)	573	nla_put_u32(skb, FRA_FWMARK, rule->mark)) \|\|
573	NLA_PUT_U32(skb, FRA_FWMARK, rule->mark);	574	((rule->mark_mask \|\| rule->mark) &&
574		575	nla_put_u32(skb, FRA_FWMASK, rule->mark_mask)) \|\|
575	if (rule->mark_mask \|\| rule->mark)	576	(rule->target &&
576	NLA_PUT_U32(skb, FRA_FWMASK, rule->mark_mask);	577	nla_put_u32(skb, FRA_GOTO, rule->target)))
577		578	goto nla_put_failure;
578	if (rule->target)
579	NLA_PUT_U32(skb, FRA_GOTO, rule->target);
580
581	if (ops->fill(rule, skb, frh) < 0)	579	if (ops->fill(rule, skb, frh) < 0)
582	goto nla_put_failure;	580	goto nla_put_failure;
583		581