| Message ID | 065379b5682ce800f8631bc97bc69b2421d143b7.1590707335.git.mkubecek@suse.cz |
|---|---|
| State | Accepted |
| Delegated to: | John Linville |
| Headers | show |
| Series | netlink interface update for 5.7 release | expand |
On Fri, May 29, 2020 at 01:21:22AM +0200, Michal Kubecek wrote: > As msgbuff_append() only copies protocol payload, i.e. part of the buffer > without netlink and genetlink header, and mnl_nlmsg_get_payload_len() only > subtracts netlink header length, we need to subtract genetlink header > length manually to get correct length of appended data block. > > Fixes: 5050607946b6 ("netlink: message buffer and composition helpers") > Reported-by: Andrew Lunn <andrew@lunn.ch> > Signed-off-by: Michal Kubecek <mkubecek@suse.cz> Tested-by: Andrew Lunn <andrew@lunn.ch> Andrew
diff --git a/netlink/msgbuff.c b/netlink/msgbuff.c index 74065709ef7d..216f5b946236 100644 --- a/netlink/msgbuff.c +++ b/netlink/msgbuff.c @@ -79,6 +79,7 @@ int msgbuff_append(struct nl_msg_buff *dest, struct nl_msg_buff *src) unsigned int dest_len = MNL_ALIGN(msgbuff_len(dest)); int ret; + src_len -= GENL_HDRLEN; ret = msgbuff_realloc(dest, dest_len + src_len); if (ret < 0) return ret;
As msgbuff_append() only copies protocol payload, i.e. part of the buffer without netlink and genetlink header, and mnl_nlmsg_get_payload_len() only subtracts netlink header length, we need to subtract genetlink header length manually to get correct length of appended data block. Fixes: 5050607946b6 ("netlink: message buffer and composition helpers") Reported-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Michal Kubecek <mkubecek@suse.cz> --- netlink/msgbuff.c | 1 + 1 file changed, 1 insertion(+)