diff options
| author | Patrick McHardy <kaber@trash.net> | 2008-01-23 23:36:30 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-01-28 18:11:23 -0500 |
| commit | 53b2bf3f8a652c9c8e86831f94ae2c5767ea54d7 (patch) | |
| tree | eba61efed08a932766a32b0b6a60e766f8b44bcb /net/sched/act_ipt.c | |
| parent | 6fa8c0144b770dac941cf2c15053b6e24f046c8a (diff) | |
[NET_SCHED]: Use nla_policy for attribute validation in actions
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sched/act_ipt.c')
| -rw-r--r-- | net/sched/act_ipt.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 7ab2419b44ec..da696fd3e341 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c | |||
| @@ -92,6 +92,13 @@ static int tcf_ipt_release(struct tcf_ipt *ipt, int bind) | |||
| 92 | return ret; | 92 | return ret; |
| 93 | } | 93 | } |
| 94 | 94 | ||
| 95 | static const struct nla_policy ipt_policy[TCA_IPT_MAX + 1] = { | ||
| 96 | [TCA_IPT_TABLE] = { .type = NLA_STRING, .len = IFNAMSIZ }, | ||
| 97 | [TCA_IPT_HOOK] = { .type = NLA_U32 }, | ||
| 98 | [TCA_IPT_INDEX] = { .type = NLA_U32 }, | ||
| 99 | [TCA_IPT_TARG] = { .len = sizeof(struct ipt_entry_target) }, | ||
| 100 | }; | ||
| 101 | |||
| 95 | static int tcf_ipt_init(struct nlattr *nla, struct nlattr *est, | 102 | static int tcf_ipt_init(struct nlattr *nla, struct nlattr *est, |
| 96 | struct tc_action *a, int ovr, int bind) | 103 | struct tc_action *a, int ovr, int bind) |
| 97 | { | 104 | { |
| @@ -107,22 +114,20 @@ static int tcf_ipt_init(struct nlattr *nla, struct nlattr *est, | |||
| 107 | if (nla == NULL) | 114 | if (nla == NULL) |
| 108 | return -EINVAL; | 115 | return -EINVAL; |
| 109 | 116 | ||
| 110 | err = nla_parse_nested(tb, TCA_IPT_MAX, nla, NULL); | 117 | err = nla_parse_nested(tb, TCA_IPT_MAX, nla, ipt_policy); |
| 111 | if (err < 0) | 118 | if (err < 0) |
| 112 | return err; | 119 | return err; |
| 113 | 120 | ||
| 114 | if (tb[TCA_IPT_HOOK] == NULL || | 121 | if (tb[TCA_IPT_HOOK] == NULL) |
| 115 | nla_len(tb[TCA_IPT_HOOK]) < sizeof(u32)) | ||
| 116 | return -EINVAL; | 122 | return -EINVAL; |
| 117 | if (tb[TCA_IPT_TARG] == NULL || | 123 | if (tb[TCA_IPT_TARG] == NULL) |
| 118 | nla_len(tb[TCA_IPT_TARG]) < sizeof(*t)) | ||
| 119 | return -EINVAL; | 124 | return -EINVAL; |
| 125 | |||
| 120 | td = (struct ipt_entry_target *)nla_data(tb[TCA_IPT_TARG]); | 126 | td = (struct ipt_entry_target *)nla_data(tb[TCA_IPT_TARG]); |
| 121 | if (nla_len(tb[TCA_IPT_TARG]) < td->u.target_size) | 127 | if (nla_len(tb[TCA_IPT_TARG]) < td->u.target_size) |
| 122 | return -EINVAL; | 128 | return -EINVAL; |
| 123 | 129 | ||
| 124 | if (tb[TCA_IPT_INDEX] != NULL && | 130 | if (tb[TCA_IPT_INDEX] != NULL) |
| 125 | nla_len(tb[TCA_IPT_INDEX]) >= sizeof(u32)) | ||
| 126 | index = nla_get_u32(tb[TCA_IPT_INDEX]); | 131 | index = nla_get_u32(tb[TCA_IPT_INDEX]); |
| 127 | 132 | ||
| 128 | pc = tcf_hash_check(index, a, bind, &ipt_hash_info); | 133 | pc = tcf_hash_check(index, a, bind, &ipt_hash_info); |