lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1516735170-20921-4-git-send-email-serhe.popovych@gmail.com>
Date:   Tue, 23 Jan 2018 21:19:25 +0200
From:   Serhey Popovych <serhe.popovych@...il.com>
To:     netdev@...r.kernel.org
Subject: [PATCH iproute2-next v2 3/8] iprule: Use inet_addr_match_rta()

While there check return from get_prefix() for filter address.

Signed-off-by: Serhey Popovych <serhe.popovych@...il.com>
---
 ip/iprule.c |   36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/ip/iprule.c b/ip/iprule.c
index 96695d8..a3abf2f 100644
--- a/ip/iprule.c
+++ b/ip/iprule.c
@@ -76,8 +76,6 @@ static struct
 static bool filter_nlmsg(struct nlmsghdr *n, struct rtattr **tb, int host_len)
 {
 	struct rtmsg *r = NLMSG_DATA(n);
-	inet_prefix src = { .family = r->rtm_family };
-	inet_prefix dst = { .family = r->rtm_family };
 	__u32 table;
 
 	if (preferred_family != AF_UNSPEC && r->rtm_family != preferred_family)
@@ -90,24 +88,24 @@ static bool filter_nlmsg(struct nlmsghdr *n, struct rtattr **tb, int host_len)
 		return false;
 
 	if (filter.src.family) {
-		if (tb[FRA_SRC]) {
-			memcpy(&src.data, RTA_DATA(tb[FRA_SRC]),
-			       (r->rtm_src_len + 7) / 8);
-		}
-		if (filter.src.family != r->rtm_family ||
-		    filter.src.bitlen > r->rtm_src_len ||
-		    inet_addr_match(&src, &filter.src, filter.src.bitlen))
+		inet_prefix *f_src = &filter.src;
+
+		if (f_src->family != r->rtm_family ||
+		    f_src->bitlen > r->rtm_src_len)
+			return false;
+
+		if (inet_addr_match_rta(f_src, tb[FRA_SRC]))
 			return false;
 	}
 
 	if (filter.dst.family) {
-		if (tb[FRA_DST]) {
-			memcpy(&dst.data, RTA_DATA(tb[FRA_DST]),
-			       (r->rtm_dst_len + 7) / 8);
-		}
-		if (filter.dst.family != r->rtm_family ||
-		    filter.dst.bitlen > r->rtm_dst_len ||
-		    inet_addr_match(&dst, &filter.dst, filter.dst.bitlen))
+		inet_prefix *f_dst = &filter.dst;
+
+		if (f_dst->family != r->rtm_family ||
+		    f_dst->bitlen > r->rtm_dst_len)
+			return false;
+
+		if (inet_addr_match_rta(f_dst, tb[FRA_DST]))
 			return false;
 	}
 
@@ -500,13 +498,15 @@ static int iprule_list_flush_or_save(int argc, char **argv, int action)
 		} else if (matches(*argv, "from") == 0 ||
 			   matches(*argv, "src") == 0) {
 			NEXT_ARG();
-			get_prefix(&filter.src, *argv, af);
+			if (get_prefix(&filter.src, *argv, af))
+				invarg("from value is invalid\n", *argv);
 		} else {
 			if (matches(*argv, "dst") == 0 ||
 			    matches(*argv, "to") == 0) {
 				NEXT_ARG();
 			}
-			get_prefix(&filter.dst, *argv, af);
+			if (get_prefix(&filter.dst, *argv, af))
+				invarg("to value is invalid\n", *argv);
 		}
 		argc--; argv++;
 	}
-- 
1.7.10.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ