Commit c32c928d authored by Hoang Le's avatar Hoang Le Committed by Jakub Kicinski
Browse files

tipc: do sanity check payload of a netlink message 



When we initialize nlmsghdr with no payload inside tipc_nl_compat_dumpit()
the parsing function returns -EINVAL. We fix it by making the parsing call
conditional.

Acked-by: default avatarJon Maloy <jmaloy@redhat.com>
Signed-off-by: default avatarHoang Le <hoang.h.le@dektech.com.au>
Link: https://lore.kernel.org/r/20201215033151.76139-1-hoang.h.le@dektech.com.au


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent 023cae85

net/tipc/netlink_compat.c

+7 −5
Original line number Diff line number Diff line
@@ -213,12 +213,14 @@ static int __tipc_nl_compat_dumpit(struct tipc_nl_compat_cmd_dump *cmd, 
	}



	info.attrs = attrbuf;



	if (nlmsg_len(cb.nlh) > 0) {

		err = nlmsg_parse_deprecated(cb.nlh, GENL_HDRLEN, attrbuf,

					     tipc_genl_family.maxattr,

					     tipc_genl_family.policy, NULL);

		if (err)

			goto err_out;



	}

	do {

		int rem;

CRA Git | Maintained and supported by SUSTech CRA and CCSE