lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Wed, 23 Sep 2015 14:43:46 +0300
From:	Andrey Vagin <avagin@...nvz.org>
To:	netdev@...r.kernel.org
Cc:	Stephen Hemminger <shemminger@...l.org>,
	Andrew Vagin <avagin@...nvz.org>
Subject: [PATCH iproute2] route: filter routes by family if it's specified

From: Andrew Vagin <avagin@...nvz.org>

Currently when we specify AF_INET6 when it is disabled, we will get
all routes.

For example, we can boot kernel with ipv6.disable=1 and try to get ipv6
routes:
$ ip -6 route show
default via 192.168.122.1 dev eth0  proto static  metric 100
192.168.122.0/24 dev eth0  proto kernel  scope link  src 192.168.122.141  metric 100

Here are ipv4 routes and this is unexpected behaviour.

Signed-off-by: Andrew Vagin <avagin@...nvz.org>
---
 ip/iproute.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ip/iproute.c b/ip/iproute.c
index abe4180..da25548 100644
--- a/ip/iproute.c
+++ b/ip/iproute.c
@@ -145,6 +145,9 @@ static int filter_nlmsg(struct nlmsghdr *n, struct rtattr **tb, int host_len)
 
 	table = rtm_get_table(r, tb);
 
+	if (preferred_family != AF_UNSPEC && r->rtm_family != preferred_family)
+		return 0;
+
 	if (r->rtm_family == AF_INET6 && table != RT_TABLE_MAIN)
 		ip6_multiple_tables = 1;
 
-- 
2.4.3

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists