From patchwork Wed Dec 26 03:50:01 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kangjie Lu X-Patchwork-Id: 1018530 X-Patchwork-Delegate: kadlec@blackhole.kfki.hu Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=umn.edu Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=umn.edu header.i=@umn.edu header.b="dZvW669f"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43PfBl1R51z9sCQ for ; Wed, 26 Dec 2018 14:50:39 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726046AbeLZDub (ORCPT ); Tue, 25 Dec 2018 22:50:31 -0500 Received: from mta-p5.oit.umn.edu ([134.84.196.205]:46804 "EHLO mta-p5.oit.umn.edu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725867AbeLZDub (ORCPT ); Tue, 25 Dec 2018 22:50:31 -0500 Received: from localhost (unknown [127.0.0.1]) by mta-p5.oit.umn.edu (Postfix) with ESMTP id EA5CDB99 for ; Wed, 26 Dec 2018 03:50:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at umn.edu Received: from mta-p5.oit.umn.edu ([127.0.0.1]) by localhost (mta-p5.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X14_XmTWfDrK for ; Tue, 25 Dec 2018 21:50:29 -0600 (CST) Received: from mail-it1-f197.google.com (mail-it1-f197.google.com [209.85.166.197]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p5.oit.umn.edu (Postfix) with ESMTPS id B8A71B87 for ; Tue, 25 Dec 2018 21:50:29 -0600 (CST) Received: by mail-it1-f197.google.com with SMTP id o205so17608215itc.2 for ; Tue, 25 Dec 2018 19:50:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=from:to:cc:subject:date:message-id; bh=o5RiJVoGILRyfHHQUYAiGnY19zw49HHQPflwBs5Gz04=; b=dZvW669fQrUjsDLwIocYyF/7lk84IwuBVA/PJtyO7QGpplGI3dstKMqqxUCXGnX9E/ hLhJF51r4h6Nxd7Dr1ihETVhY+M8FpeCMn43n9fieg42oLxPZ9N3UZdWPlpKp036wtOA cnAJfuWITG7a9w3k++Xlh6PEQClET8Ki0O4eOm+0HO50/4lBZfBJEnEPR2HO0CbpoyMa VYxUGstIQW3ZbceCB5MoxK6DcwuZjmZw8dRR5cQvQO9q2+XQFAfDoNX6B6q/n2HMWSDp XonLoAHFcZMMsoQMgP8T5Oz5+lh6JPBe0C8HunnXr8AteCDFvgNZXViXf5x1uk6fRC5O JH8Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=o5RiJVoGILRyfHHQUYAiGnY19zw49HHQPflwBs5Gz04=; b=WlUBPTYVPa1a6ii3I64SuEbHhuUTaD6C33h0E2wVGFaZ2YkGX2d6T381k7JoEkEmqi 6z1TRbcfDgjznfKgiEjO9Rtlkgr3K3VAzy2YmGZsGRNXrBfVZmQglQp6rdDamxxP2e8p 9/ep2V9wL6UC7SWZ0UKLVdxVywuenWZ+N+k46iVAVfULQfR3O3vUryHErm/2XkLRwZdH yiplukDCkY1H1fKtha4wclr5A2ei23XRJUKEMCviGo6fZAsXXPIgPQ2tBbTX75gX34el /TvOgbJj/MncqPNS2235TAn017GQcol5rTJ6T1Lz/jFsoZoJVgWTxiKYz1AwtiWq73U8 5kgw== X-Gm-Message-State: AA+aEWbZPLGwDOMre+ENMntrEl3dpzPZlz/4oiTy5lHDT4DZMePk74FH gRQ1JXhMBh7IFbgnTYoQVOrYA1TtZwU0Mee9dmhWcOngPQB/ysHsLZPa3jf5u3fzsZPBRj8bqCp 40b1S2u2ZTsBqCVOGL5vlOuDNhl7lDlo+ X-Received: by 2002:a02:7a58:: with SMTP id z24mr12316598jad.22.1545796229350; Tue, 25 Dec 2018 19:50:29 -0800 (PST) X-Google-Smtp-Source: AFSGD/X5v+gPVfmxZqMxmcR87k3cGGk8QCMEKxG+AeFy/5WfLEWyTE8YFr8tyOML6o58p12sEg2Lxw== X-Received: by 2002:a02:7a58:: with SMTP id z24mr12316590jad.22.1545796229117; Tue, 25 Dec 2018 19:50:29 -0800 (PST) Received: from localhost.localdomain (host-173-230-104-22.mnmigsc.mn.minneapolis.us.clients.pavlovmedia.net. [173.230.104.22]) by smtp.gmail.com with ESMTPSA id h14sm16062538ior.41.2018.12.25.19.50.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 25 Dec 2018 19:50:28 -0800 (PST) From: Kangjie Lu To: kjlu@umn.edu Cc: pakki001@umn.edu, Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Kirill Tkhai , Stefano Brivio , Andrey Ryabinin , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] ipset: fix a missing check of nla_parse Date: Tue, 25 Dec 2018 21:50:01 -0600 Message-Id: <20181226035002.73614-1-kjlu@umn.edu> X-Mailer: git-send-email 2.17.2 (Apple Git-113) Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org When nla_parse fails, we should not use the results (the first argument). The fix checks if it fails, and if so, returns its error code upstream. Signed-off-by: Kangjie Lu --- net/netfilter/ipset/ip_set_core.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 1577f2f76060..4dc8057cff02 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1531,8 +1531,10 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set, memcpy(&errmsg->msg, nlh, nlh->nlmsg_len); cmdattr = (void *)&errmsg->msg + min_len; - nla_parse(cda, IPSET_ATTR_CMD_MAX, cmdattr, + ret = nla_parse(cda, IPSET_ATTR_CMD_MAX, cmdattr, nlh->nlmsg_len - min_len, ip_set_adt_policy, NULL); + if (ret) + return ret; errline = nla_data(cda[IPSET_ATTR_LINENO]);