From patchwork Sat Jan 5 15:31:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aditya Pakki X-Patchwork-Id: 1020981 X-Patchwork-Delegate: kadlec@blackhole.kfki.hu Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=umn.edu Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=umn.edu header.i=@umn.edu header.b="XPkMKZj2"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43X5JG0BMlz9s4s for ; Sun, 6 Jan 2019 02:32:45 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726286AbfAEPcg (ORCPT ); Sat, 5 Jan 2019 10:32:36 -0500 Received: from mta-p5.oit.umn.edu ([134.84.196.205]:52198 "EHLO mta-p5.oit.umn.edu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726234AbfAEPcg (ORCPT ); Sat, 5 Jan 2019 10:32:36 -0500 Received: from localhost (unknown [127.0.0.1]) by mta-p5.oit.umn.edu (Postfix) with ESMTP id B6B5DC3A for ; Sat, 5 Jan 2019 15:32:34 +0000 (UTC) X-Virus-Scanned: amavisd-new at umn.edu Received: from mta-p5.oit.umn.edu ([127.0.0.1]) by localhost (mta-p5.oit.umn.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r85T2m2wXp4i for ; Sat, 5 Jan 2019 09:32:34 -0600 (CST) Received: from mail-it1-f199.google.com (mail-it1-f199.google.com [209.85.166.199]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta-p5.oit.umn.edu (Postfix) with ESMTPS id 846BFCE5 for ; Sat, 5 Jan 2019 09:32:34 -0600 (CST) Received: by mail-it1-f199.google.com with SMTP id b14so3373907itd.1 for ; Sat, 05 Jan 2019 07:32:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umn.edu; s=google; h=from:to:cc:subject:date:message-id; bh=sEZHiYH52u/jD2RMeuXA32RsiWKpbCNXS9d2zhsVsD0=; b=XPkMKZj2uwwXdHOFV27FbndBvMQgORUcLU6Hg4RT9Nljdebop/eksMKfJesbQmKR6+ CaBZU4wYj1cCxfK0o2UKv6HfycFqIGcOQl6NTnopSOzSZ5VHCLi2qiej3nlp8wa8N4yL 4oXy7ZZ4irGhP7GN4e/w8SLhPwFq/LGyl0ggTLGLfpYR5LjKKk5CCGXAD8AlJx32cqk+ 7RvcrjSr1zMrggHYiuUk56PKBJv40kXa+fXMas8VIi9dYlNUAXEoE/myssyeOfkv/Rdd Afhvtw0hbw+FTA0Od7dXLcudjl4BL0FRE5LngAXILiY1rxpxXh9C6iGCz1A+gI1BaIak OWsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=sEZHiYH52u/jD2RMeuXA32RsiWKpbCNXS9d2zhsVsD0=; b=RCmT0Y8sJ9Xk8xoSZzob4rHOYk0GoJcZnQI9A4hthB80kcuYD++iDssEaX5sh6gpiH R+K+DE5cEnhBC2I0VHn0AeZAuuP0eeECEfS5DBukXlQLIkk3aTNf6hvHpcNJRCRVD0OX cRTjM+A9rnFRnw31d2ENtzK6w/jNZb+LD9Ca8ogQJ2DUEPGFb8k7eSUMYtGwCckFgf0T /xZJx0M+gSMQpP+Oo2ypH5OYfdvjdVoVbiy8TCzQjwaLVA11sWU/u/siyJnTD1oapsqi zRpG6Vjop4RxRNU+nY/cV922brBRxT7IQQrVeiE+6jp0KuybfCTi+P8qQWRsNN9KpnXQ 77lQ== X-Gm-Message-State: AJcUukcKF4f+BhCk50hJX/Y1usBUnXn3CYA3LgEBYBNPTJ+fZg78ThdH VuAGgUlXhemgpkFFsVYhe346EQvJWbidE2n/nRcKoldKRftyxkUBsAuUzqZyvdNxmKT9duYPc8v /+TxCL3KdmSsuXGwoGSCDWoWPpXhPU0Lv X-Received: by 2002:a24:81d4:: with SMTP id q203mr3770106itd.23.1546702354132; Sat, 05 Jan 2019 07:32:34 -0800 (PST) X-Google-Smtp-Source: ALg8bN6oDonFdwQKXlaQeYDugC5CYJAC4Kx4zmTnTnpbrBJW6oxwd5BZgTfxzPEfGk7M3nLDq63hNg== X-Received: by 2002:a24:81d4:: with SMTP id q203mr3770086itd.23.1546702353915; Sat, 05 Jan 2019 07:32:33 -0800 (PST) Received: from cs-u-syssec1.cs.umn.edu (cs-u-syssec1.cs.umn.edu. [134.84.121.78]) by smtp.gmail.com with ESMTPSA id y12sm16765651ion.62.2019.01.05.07.32.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 05 Jan 2019 07:32:33 -0800 (PST) From: Aditya Pakki To: pakki001@umn.edu Cc: kjlu@umn.edu, Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Kirill Tkhai , Stefano Brivio , "Gustavo A. R. Silva" , Andrey Ryabinin , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] [v2] netfilter: ipset: fix a missing check of nla_parse Date: Sat, 5 Jan 2019 09:31:49 -0600 Message-Id: <20190105153150.2600-1-pakki001@umn.edu> X-Mailer: git-send-email 2.17.1 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org When nla_parse fails, we should not use the results (the first argument). The fix checks if it fails, and if so, returns its error code upstream. Signed-off-by: Aditya Pakki --- net/netfilter/ipset/ip_set_core.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 45a257695bef..3ee0fda05a3b 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1546,8 +1546,13 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set, memcpy(&errmsg->msg, nlh, nlh->nlmsg_len); cmdattr = (void *)&errmsg->msg + min_len; - nla_parse(cda, IPSET_ATTR_CMD_MAX, cmdattr, - nlh->nlmsg_len - min_len, ip_set_adt_policy, NULL); + ret = nla_parse(cda, IPSET_ATTR_CMD_MAX, cmdattr, + nlh->nlmsg_len - min_len, ip_set_adt_policy, + NULL); + if (ret) { + nlmsg_free(skb2); + return ret; + } errline = nla_data(cda[IPSET_ATTR_LINENO]);