* [PATCH] xfrm: validate attributes
@ 2010-02-09 13:59 jamal
2010-02-12 20:30 ` David Miller
0 siblings, 1 reply; 2+ messages in thread
From: jamal @ 2010-02-09 13:59 UTC (permalink / raw)
To: David Miller, Herbert Xu; +Cc: netdev
[-- Attachment #1: Type: text/plain, Size: 91 bytes --]
make sure all XFRMAs go through validation in case wrong
content is passed
cheers,
jamal
[-- Attachment #2: xfrma-vald --]
[-- Type: text/plain, Size: 1003 bytes --]
commit 979fef2abd38392e28c851215c59d1128fe0f776
Author: Jamal Hadi Salim <hadi@cyberus.ca>
Date: Tue Feb 9 08:47:57 2010 -0500
xfrm: validate attributes
Some XFRM attributes were not going through basic validation.
Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca>
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index d5a7129..943c871 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -2054,6 +2054,10 @@ static const int xfrm_msg_min[XFRM_NR_MSGTYPES] = {
#undef XMSGSIZE
static const struct nla_policy xfrma_policy[XFRMA_MAX+1] = {
+ [XFRMA_SA] = { .len = sizeof(struct xfrm_usersa_info)},
+ [XFRMA_POLICY] = { .len = sizeof(struct xfrm_userpolicy_info)},
+ [XFRMA_LASTUSED] = { .type = NLA_U64},
+ [XFRMA_ALG_AUTH_TRUNC] = { .len = sizeof(struct xfrm_algo_auth)},
[XFRMA_ALG_AEAD] = { .len = sizeof(struct xfrm_algo_aead) },
[XFRMA_ALG_AUTH] = { .len = sizeof(struct xfrm_algo) },
[XFRMA_ALG_CRYPT] = { .len = sizeof(struct xfrm_algo) },
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-02-12 20:30 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-02-09 13:59 [PATCH] xfrm: validate attributes jamal
2010-02-12 20:30 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).