| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20201215033151.76139-1-hoang.h.le@dektech.com.au>
Date: Tue, 15 Dec 2020 10:31:51 +0700
From: Hoang Huu Le <hoang.h.le@...tech.com.au>
To: jmaloy@...hat.com, maloy@...jonn.com, ying.xue@...driver.com,
netdev@...r.kernel.org
Cc: Hoang Le <hoang.h.le@...tech.com.au>
Subject: [net-next] tipc: do sanity check payload of a netlink message
From: Hoang Le <hoang.h.le@...tech.com.au>
When we initialize nlmsghdr with no payload inside tipc_nl_compat_dumpit()
the parsing function returns -EINVAL. We fix it by making the parsing call
conditional.
Acked-by: Jon Maloy <jmaloy@...hat.com>
Signed-off-by: Hoang Le <hoang.h.le@...tech.com.au>
---
net/tipc/netlink_compat.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/net/tipc/netlink_compat.c b/net/tipc/netlink_compat.c
index 82f154989418..5a1ce64039f7 100644
--- a/net/tipc/netlink_compat.c
+++ b/net/tipc/netlink_compat.c
@@ -213,12 +213,14 @@ static int __tipc_nl_compat_dumpit(struct tipc_nl_compat_cmd_dump *cmd,
}
info.attrs = attrbuf;
- err = nlmsg_parse_deprecated(cb.nlh, GENL_HDRLEN, attrbuf,
- tipc_genl_family.maxattr,
- tipc_genl_family.policy, NULL);
- if (err)
- goto err_out;
+ if (nlmsg_len(cb.nlh) > 0) {
+ err = nlmsg_parse_deprecated(cb.nlh, GENL_HDRLEN, attrbuf,
+ tipc_genl_family.maxattr,
+ tipc_genl_family.policy, NULL);
+ if (err)
+ goto err_out;
+ }
do {
int rem;
--
2.25.1
Powered by blists - more mailing lists