| Message ID | c0e7aa02ab55b7a810eee7d51839a139a833cfb3.1420502617.git.tgraf@suug.ch |
|---|---|
| State | Accepted, archived |
| Delegated to: | David Miller |
| Headers | show |
diff --git a/include/net/netlink.h b/include/net/netlink.h index 6415835..d5869b9 100644 --- a/include/net/netlink.h +++ b/include/net/netlink.h @@ -520,8 +520,10 @@ static inline void *nlmsg_get_pos(struct sk_buff *skb) */ static inline void nlmsg_trim(struct sk_buff *skb, const void *mark) { - if (mark) + if (mark) { + WARN_ON((unsigned char *) mark < skb->data); skb_trim(skb, (unsigned char *) mark - skb->data); + } } /**
Calling nla_nest_cancel() in a different order as the nesting was built up can lead to negative offsets being calculated which results in skb_trim() being called with an underflowed unsigned int. Warn if mark < skb->data as it's definitely a bug. Signed-off-by: Thomas Graf <tgraf@suug.ch> --- include/net/netlink.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)