Patchworkβ xfrm: validate attributes

login
register
about
Submitter jamal
Date 2010-02-09 13:59:38
Message ID <1265723978.3688.82.camel@bigi>
Download mbox | patch
Permalink /patch/44908/
State Accepted
Delegated to: David Miller
Headers show

Comments

jamal - 2010-02-09 13:59:38
make sure all XFRMAs go through validation in case wrong
content is passed

cheers,
jamal
commit 979fef2abd38392e28c851215c59d1128fe0f776
Author: Jamal Hadi Salim <hadi@cyberus.ca>
Date:   Tue Feb 9 08:47:57 2010 -0500

    xfrm: validate attributes
    
    Some XFRM attributes were not going through basic validation.
    
    Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
David Miller - 2010-02-12 20:30:40
From: jamal <hadi@cyberus.ca>
Date: Tue, 09 Feb 2010 08:59:38 -0500

>     xfrm: validate attributes
>     
>     Some XFRM attributes were not going through basic validation.
>     
>     Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>

Applied to net-next-2.6
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index d5a7129..943c871 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -2054,6 +2054,10 @@  static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = {
 #undef XMSGSIZE
 
 static const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
+	[XFRMA_SA]		= { .len = sizeof(struct xfrm_usersa_info)},
+	[XFRMA_POLICY]		= { .len = sizeof(struct xfrm_userpolicy_info)},
+	[XFRMA_LASTUSED]	= { .type = NLA_U64},
+	[XFRMA_ALG_AUTH_TRUNC]	= { .len = sizeof(struct xfrm_algo_auth)},
 	[XFRMA_ALG_AEAD]	= { .len = sizeof(struct xfrm_algo_aead) },
 	[XFRMA_ALG_AUTH]	= { .len = sizeof(struct xfrm_algo) },
 	[XFRMA_ALG_CRYPT]	= { .len = sizeof(struct xfrm_algo) },