[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <30a73bf49939a69c8d501a9e131763db16215608.1516138644.git.lorenzo.bianconi@redhat.com>
Date: Tue, 16 Jan 2018 23:01:54 +0100
From: Lorenzo Bianconi <lorenzo.bianconi@...hat.com>
To: davem@...emloft.net
Cc: netdev@...r.kernel.org, jchapman@...alix.com, g.nault@...halink.fr
Subject: [PATCH v3 net-next 1/4] l2tp: double-check l2specific_type provided by userspace
Add sanity check on l2specific_type provided by userspace in
l2tp_nl_cmd_session_create() since just L2TP_L2SPECTYPE_DEFAULT and
L2TP_L2SPECTYPE_NONE are currently supported.
Moreover explicitly set l2specific_type to L2TP_L2SPECTYPE_DEFAULT
only if the userspace does not provide a value for it
Reviewed-by: Guillaume Nault <g.nault@...halink.fr>
Tested-by: Guillaume Nault <g.nault@...halink.fr>
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@...hat.com>
---
net/l2tp/l2tp_netlink.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c
index e1ca29f79821..9ba2b8a68f65 100644
--- a/net/l2tp/l2tp_netlink.c
+++ b/net/l2tp/l2tp_netlink.c
@@ -550,9 +550,16 @@ static int l2tp_nl_cmd_session_create(struct sk_buff *skb, struct genl_info *inf
if (info->attrs[L2TP_ATTR_DATA_SEQ])
cfg.data_seq = nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]);
- cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
- if (info->attrs[L2TP_ATTR_L2SPEC_TYPE])
+ if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) {
cfg.l2specific_type = nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]);
+ if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT &&
+ cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) {
+ ret = -EINVAL;
+ goto out_tunnel;
+ }
+ } else {
+ cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT;
+ }
cfg.l2specific_len = 4;
if (info->attrs[L2TP_ATTR_L2SPEC_LEN])
--
2.13.6
Powered by blists - more mailing lists